AMD Quietly Lists 31 New CPU Vulnerabilities, Issues Patch Guidance

BoerenkoolMetWorst · Jan 15, 2023

AMD quietly divulged 31 new CPU vulnerabilities in a January update, spanning its Ryzen chips for consumers and the EPYC data center processors. The vulnerability update also includes a list of AGESA versions, with mitigations for the impacted processors. AMD revealed the vulnerabilities in a coordinated disclosure with several researchers, including teams from Google, Apple and Oracle, which gave the company time to develop mitigations prior to the public listings. However, AMD didn't announce the vulnerabilities with a press release or other outreach — it merely posted the lists — so we're working to tease out the details and will update when we have more information.
Click to expand...

https://www.tomshardware.com/news/amd-discloses-31-new-cpu-vulnerabilities

Note: 3 of them affect consumer hardware, the other 28 affect Epyc.
They also don't seem be CPU vulnerabilities like side channel vulnerabilities, but rather vulnerabilities in UEFI, SMM, PSP etc.
So imho, there will be no performance penalties due to new mitigations, as the affected parts will receiver a proper patch that fixes the issue, compared to the side channel vulnerabilities that cannot be fixed, only mitigated.
The downside being that you need a bios/uefi update from your manufacterer to fix these issues, instead of being able to get new microcode from you OS depending on the OS.

Log in or Sign up

AMD Quietly Lists 31 New CPU Vulnerabilities, Issues Patch Guidance

BoerenkoolMetWorst Registered Member

Log in or Sign up

AMD Quietly Lists 31 New CPU Vulnerabilities, Issues Patch Guidance

BoerenkoolMetWorst Registered Member

Useful Searches