The Auton Lab Zenbleed response
Predrag Punosevac
predragp at andrew.cmu.edu
Wed Jul 26 14:20:04 EDT 2023
Dear Autonians,
Some of you might have heard of the latest security nightmare called
Zenbleed which affects AMD products discovered by the Google security team.
Those of you who are curious might read more about it here
https://lock.cmpxchg8b.com/zenbleed.html
Currently all Auton Lab parameter firewalls and network related servers run
OpenBSD on the Intel hardware and are not affected with these bugs.
OpenBSD does not use the AVX instructions to the same extent that Linux and
Microsoft do, so this is not as important. However, attacks built upon
primitives are getting better and they will soon pose major security
threats. Consequently, I patched today's OpenBSD machines and updated
bootblocks accordingly. This action did require reboot.
Most other OSs, unlike OpenBSD, are relying on vendor support. They are
still affected. After denying the problem AMD will release microcode for
their top of the line products soon but consumer grade CPUs will have to
wait until Thanksgiving :-)
What does all of the above mean in practical terms? If you are security
conscient you should not be using AMD based products for online banking or
have your computer connected to the internet while trying to see encrypted
files. Our top of the line GPU nodes utilize the latest and the greatest
AMD products (just like many other HPC intensive shops). They are all
affected by these series of bugs. As long as you are not doing online
banking on GPU[24-27] you will be OK.
Most Kind Regards,
Predrag Punosevac
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.srv.cs.cmu.edu/pipermail/autonlab-users/attachments/20230726/c22d3356/attachment.html>
More information about the Autonlab-users
mailing list