Save up to 30% on Dedicated Servers – Chat Now!

Mitigating AMD EPYC “Zenbleed” Vulnerability – Understanding and Taking Action

We are writing this post in response to a customer query about the newly identified vulnerability, CVE-2023-20593, also known as “Zenbleed.” This vulnerability affects specific Zen AMD processors which – of course – some of our customers are running.  As always, we at Hivelocity are committed to your security, so in this post we’ll be providing some critical information about the vulnerability and the steps to take to ensure your data remains secured.

The Zenbleed Vulnerability: An Overview

Zenbleed is a use-after-free vulnerability related to the improper handling of an instruction pointer, ‘vzeroupper’, during speculative execution in certain AMD processors. To put it in simpler terms, under certain conditions, a register in “Zen 2” CPUs may not be correctly zeroed. This could potentially allow an attacker to access sensitive information.

Affected Versions:

This vulnerability affects the following processors:

  • AMD Ryzen 3000 Series
  • AMD Ryzen PRO 3000 Series
  • AMD Ryzen Threadripper 3000 Series
  • AMD Ryzen 4000 Series with Radeon Graphics
  • AMD Ryzen PRO 4000 Series
  • AMD Ryzen 5000 Series with Radeon Graphics
  • AMD Ryzen 7020 Series with Radeon Graphics
  • AMD EPYC “Rome” Processors

How to Determine Vulnerability

You can check if your server is vulnerable by following the PoC (Proof of Concept) write-up available on GitHub: Zenbleed PoC Writeup.

We’ve included a brief overview of the necessary steps below:

  1. Install dependencies
  2. Download the Zenbleed vulnerability test
  3. Compile and run the test
  4. Generate traffic if your server isn’t busy
  5. Check the results

A server showing vulnerability to Zenbleed should produce results similar to this tweet.

Patching the Vulnerability

For Ubuntu and Debian users, updates have been released for a microcode patch of the Zenbleed vulnerability:

  • Ubuntu users can follow the instructions in this advisory and update the system accordingly.
  • Debian users can refer to this advisory and apply the necessary updates.

Our Security team is working closely with Supermicro to get a BIOS firmware update available for all of client’s as well. When we have this patch we will amend this post to include links to it as well.

We understand the severity of this situation and are doing everything we can to mitigate any potential risks. For more information about the Zenbleed vulnerability, we recommend the detailed write-up by lock.cmpxchg8b.com and the kernel patch on git.kernel.org.

To stay up to date on new Operating Systems and BIOS patches follow us on twitter.

We appreciate your patience and understanding as we navigate this situation together. As always, we’re here to answer any questions and concerns you might have. Please do not hesitate to get in touch.

Hivelocity, as always, committed to your success and security.

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Articles

Hero image with illustration of cloud VPS
Hivelocity News

Unleashing Scalability: The Benefits of Hivelocity VPS

As your organization grows, the necessity for a robust and scalable hosting solution capable of supporting your evolving digital infrastructure becomes essential. You might have the best application in the world, but without the systems in place to support its growth, your potential success will be limited. With their combination …

Continue read
Hivelocity News

[Webinar] The Future of Cybersecurity: A Survival Guide

With several high-profile hacks hitting some of the biggest companies such as LastPast, and GoDaddy just to name a few, it is vital to stay ahead of the game. Eric Ellis, CloudLinux Technical Account Manager, and Eric Lewellen, Hivelocity System Admin, will host this upcoming webinar, where they will discuss …

Continue read