Addressing the Zenbleed Vulnerability (CVE-2023-20593) in AMD 7200 Series Servers on Proxmox

Affected Products: AMD 7200 series servers running Proxmox

 

Overview

A critical security vulnerability, termed "Zenbleed" (CVE-2023-20593), has been identified in the AMD 7200 series servers running Proxmox. This flaw could potentially lead to data theft at a rate of 30kb per core, per second. Immediate action is required to safeguard your servers against this exploit.

Symptoms:

  • Potential unauthorized data access.
  • Data theft at a rate of 30kb per core, per second as it passes through the processor.

Solution

Follow the steps below to apply the necessary updates on your Proxmox server:

Step 1: Add the Unstable Repository:

Execute the following command to add the unstable repository to your Debian server's configuration:

echo "deb http://deb.debian.org/debian/ unstable non-free-firmware" > /etc/apt/sources.list.d/debian-unstable.list

Step 2: Update Repositories:

Update all repositories with the command:

apt update

Ensure no packages will upgrade from the unstable repository by checking for upgradable packages:

apt list --upgradable

Step 3: Install Microcode Package for AMD CPU

Install the appropriate microcode package for AMD CPUs with the command:

apt install amd64-microcode

Step 4: Reboot the Server.

To apply the changes and ensure the microcode updates take effect, reboot your server with:

Reboot

Step 5: Verify Microcode Update

After rebooting, confirm the microcode has been updated correctly by executing:

journalctl -k --grep="microcode updated early to"

 

Important Note

This is a critical  security update. We urge you to apply these steps immediately to ensure the security of your Proxmox servers against the Zenbleed vulnerability.

For further assistance or questions, please refer to the official Proxmox documentation or community forums.


Was this article helpful?

mood_bad Dislike 0
mood Like 0
visibility Views: 538