Debian: DSA-5459-1: amd64-microcode security update
Summary
For details please refer to
https://lock.cmpxchg8b.com/zenbleed.html
https://github.com/google/security-research/security/advisories/GHSA-v6wh-rxpg-cmm8
The initial microcode release by AMD only provides updates for second
generation EPYC CPUs: Various Ryzen CPUs are also affected, but no
updates are available yet. Fixes will be provided in a later update once
they are released.
For more specific details and target dates please refer to the AMD
advisory at
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html
For the oldstable distribution (bullseye), this problem has been fixed
in version 3.20230719.1~deb11u1. Additionally the update contains a fix
for CVE-2019-9836.
For the stable distribution (bookworm), this problem has been fixed in
version 3.20230719.1~deb12u1.
We recommend that you upgrade your amd64-microcode packages.
For the detailed security status of amd64-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-packa...