ZenBleed: Zen2 Information Leakage



Update 'yer microcodes.

another day, another massive security leak due to trying to squeeze performance out of modern CPUs.

Welp. Played around with the proof of concept. The site was… rather overloaded yesterday.


Yup. It leaks!

Fuck me. Seriously. Architecturally visible leakage at a high rate. This is from a BOINC box, so I don’t care, but… ugh.

Interesting. BIOS update on one of my boxes and a microcode update didn’t fix it, but setting the chicken bit did.

wrmsr -a 0xc0011029 $(($(rdmsr -c 0xc0011029) | (1<<9)))

Oh man. Spicy kernel devs are always fun!