Heck they are taking attention away from the original authors and what shining a spotlight at their hardware partner’s flaw?
2023-07-25: Microcode patch for [Zenbleed](https://lock.cmpxchg8b.com/zenbleed.html) ([CVE-2023-20593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20593)) now rolling out across fleet, expected complete 2023-mm-dd, no evidence of exploitation so far.
If the post actually did a better job than other sources of explaining the problem to at least some potential audience, I would’ve welcomed it, and in fact I’m probably crabby exactly because I’ve come to expect good and frank technical explanations from the Cloudflare blog (whatever I may think of their business). But this one is just meh, with a sprinkling of bleh from the forced cheer in the title.
(Sez I who has just spent 200 words’ worth of English just to complain.)
Do we really need a blog post every-time they run apt/yum update?
As a sidenote, any word on Microsoft working on this?
If you're running the latest kernel, which automatically sets the chicken bit, you don't have to worry about this.
If you're running fixed microcode, which is only available for Rome, Castle Peak and Mendocino, you don't have to worry about this. Good microcode revisions are:
Rome / Castle Peak: 0x0830107a (published)
Xbox Series X: unknown
Renoir / Grey Hawk: 0x0860010b
Lucienne: 0x08608105
Matisse: 0x08701032
Van Gogh (Steam Deck): unknown
Mendocino: 0x08a00008 (published)
wrmsr -a 0xc0011029 $(($(rdmsr -c 0xc0011029) | (1<<9)))It's not easy to set chicken bit manually either.
In other words windows on AMD Zen2 is fcked.
Zenbleed - https://news.ycombinator.com/item?id=36848680 - July 2023 (355 comments)
OpenBSD on Zenbleed - https://news.ycombinator.com/item?id=36852300 - July 2023 (59 comments)