Announcement

Collapse
No announcement yet.

Updated AMD Family 19h Microcode Published Following "Inception"

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Updated AMD Family 19h Microcode Published Following "Inception"

    Phoronix: Updated AMD Family 19h Microcode Published Following "Inception"

    Following yesterday's disclosure of the AMD "Inception" security vulnerability and the Linux kernel patches merged for reporting the mitigation status as well as the kernel-based handling for earlier generation Zen CPUs, the Family 19h microcode mitigations have now been picked up by the linux-firmware.git repository...

    Updated AMD Family 19h Microcode Published Following "Inception" - Phoronix
    https://www.phoronix.com/news/AMD-Microcode-Inception
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    Reoccurring reminder, that the amd-ucode patches in linux-firmware are only for datacenter parts: Epyc and at times ThreadRipper and do not match the consumer desktop and laptop or even custom (steam deck) APUs: https://t.ly/8yWnY IMHO AMD should publish matching consumer microcode (should be mostly identical) and not let users in the rain for "maybe BIOS updates in October or December", ... :-/ In general I like to load the latest microcode myself, and not also flush the often differently broken BIOS and AGESA for that, ...
    Last edited by rene; 09 August 2023, 10:13 AM.
    • Likes 8

    Comment

    • #3
      rene I didn't know, that sounds bad.
      • Likes 1

      Comment

      • #4
        What a great time to compare vulnerabilities between intel and amd, like how both company deal with problem, some hints how well they design their chip, or how the vulnerability affects their customers.

        So far I see Intel messed up by not making catchy name for their vulnerability, and letting people name it with scary name

        Comment

        • #5
          Originally posted by bezirg View Post
          rene I didn't know, that sounds bad.
          Well, the problem requires local access to exploit, so as long as your PC is encrypted and not fully unlocked, I'd say this isn't particularly concerning.
          The ironic thing is, Ryzen systems are a lot more likely for this vulnerability to be taken advantage of than Epyc.

          Comment

          • #6
            Originally posted by schmidtbag View Post
            Well, the problem requires local access to exploit, so as long as your PC is encrypted and not fully unlocked, I'd say this isn't particularly concerning.
            The ironic thing is, Ryzen systems are a lot more likely for this vulnerability to be taken advantage of than Epyc.
            Yeah, I don't understand why Ryzen is so vulnerable. I mean: when the first exploits were discovered, people were like “oh, but Ryzen is designed soooo much better that previous AMD generations, so these kind of exploits aren't possible”. So why is Ryzen so vulnerable for this particular attack then?
            • Likes 1

            Comment

            • #7
              Originally posted by Vistaus View Post

              Yeah, I don't understand why Ryzen is so vulnerable. I mean: when the first exploits were discovered, people were like “oh, but Ryzen is designed soooo much better that previous AMD generations, so these kind of exploits aren't possible”. So why is Ryzen so vulnerable for this particular attack then?
              Those people were dumb. All cpu's are vulnerable to these kinds of exploits, because the whole class of hardware side-effect based bugs wasn't considered much back then. It was just a matter of which CPUs were getting the most attention from security researchers.

              That said, I would still argue that Ryzen was quite a bit better than Intel chips at the time. The vulnerabilities that have been found are the kind that are standard practice nowadays. Intel had some truly next-level ones. That's probably not the case anymore, as they improved once all the attention was focused on them.
              • Likes 5

              Comment

              Previous template Next
              Working...
              X