[tom's hardware] AMD 'Zenbleed' Bug Leaks Data From Zen 2 Ryzen, EPYC CPUs: Most Patches Coming Q4 (Updated)
Tavis Ormandy, a researcher with Google Information Security, posted today about a new vulnerability he independently found in AMD's Zen 2 processors. The 'Zenbleed' vulnerability spans the entire Zen 2 product stack, including AMD's EPYC data center processors and the Ryzen 3000/4000/5000 CPUs.
![[tom's hardware] AMD 'Zenbleed' Bug Leaks Data From Zen 2 Ryzen, EPYC CPUs: Most Patches Coming Q4 (Updated)](https://images.unsplash.com/photo-1591799264318-7e6ef8ddb7ea?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wxMTc3M3wwfDF8c2VhcmNofDV8fGFtZHxlbnwwfHx8fDE2OTAzOTA5OTd8MA&ixlib=rb-4.0.3&q=80&w=1200)
The Zenbleed vulnerability is filed as CVE-2023-20593 and allows data exfiltration (theft) at a rate of 30kb per core, per second, thus providing adequate throughput to steal sensitive information flowing through the processor. This attack works across all software running on the processor, including virtual machines, sandboxes, containers, and processes. The ability for this attack to read data across virtual machines is particularly threatening for cloud service providers and those who use cloud instances
AMD ‘Zenbleed’ Bug Leaks Data From Zen 2 Ryzen, EPYC CPUs: Most Patches Coming Q4 (Updated)
A huge Zen 2 leak requires a patch.
Paul Alcorn
![[TheRegister] FreSSH bugs undiscovered for years threaten OpenSSH security](https://images.unsplash.com/photo-1629654297299-c8506221ca97?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wxMTc3M3wwfDF8c2VhcmNofDF8fGxpbnV4fGVufDB8fHx8MTc0MDg0ODA0N3ww&ixlib=rb-4.0.3&q=80&w=960)
![[NetworkSecurity] BGP Flaw Can Be Exploited for Prolonged Internet Outages #CVE-2023-38802](https://images.unsplash.com/photo-1446776653964-20c1d3a81b06?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wxMTc3M3wwfDF8c2VhcmNofDE1fHxuZXR3b3JrfGVufDB8fHx8MTY5MzQwMjczOXww&ixlib=rb-4.0.3&q=80&w=960)
![[Mashable] Discord.io suffers massive data breach, announces closure](https://images.unsplash.com/photo-1614680376739-414d95ff43df?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wxMTc3M3wwfDF8c2VhcmNofDF8fGRpc2NvcmR8ZW58MHx8fHwxNjkyNzYwMTg4fDA&ixlib=rb-4.0.3&q=80&w=960)
![[Ubuntu] USN-6250-1: Linux kernel vulnerabilities (severe!)](https://images.unsplash.com/photo-1629654291663-b91ad427698f?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=M3wxMTc3M3wwfDF8c2VhcmNofDF8fHVidW50dXxlbnwwfHx8fDE2OTA0MzkxODF8MA&ixlib=rb-4.0.3&q=80&w=960)