[Security][Mitigated] Zenbleed (CVE-2023-20593)

Update [2023-07-25 21:00:00]:

We have completed mitigation of Zenbleed (CVE-2023-20593) on the Nectar Research Cloud.

This is a mitigation in the running kernel, while we wait for the official vendor patches in the amd64 microcode and linux kernel. These patches will require a reboot of the hypervisors, and will most likely be disruptive. There will be separate announcement for scheduled maintenance as this happens.

Original announcement [2023-07-25 16:00:00]:

Nectar is aware of the recently disclosed Zenbleed vulnerability affecting AMD CPUs. We are triaging the vulnerability and awaiting vendor responses. We will update this once we have more information.

Due to the severity of this vulnerability, we have decided to apply a temporary mitigation, in lieu of vendor patches, to keep our users safe.


[2023-07-25 16:00:00] We have began applying mitigation to the Nectar Research Cloud

[2023-07-25 16:53:00] Mitigation has been applied to QRIScloud availability zone

[2023-07-25 17:26:00] Mitigation has been applied to intersect availability zone

[2023-07-25 19:03:00] Mitigation has been applied to tasmania availability zone

[2023-07-25 19:55:00] Mitigation has been applied to melbourne-qh2 and melbourne-qh2-uom availability zone

[2023-07-25 20:48:00] Mitigation has been applied to auckland availability zone

[2023-07-25 21:00:00] We have completed mitigation on the Nectar Research Cloud

1 person likes this