Описание
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| amd64-microcode | fixed | 3.20251202.1 | package | |
| amd64-microcode | ignored | trixie | package | |
| amd64-microcode | ignored | bookworm | package |
Примечания
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7055.html
Workaround in Linux kernel by diabling RDSEED on AMD Zen 5 Turin:
https://lore.kernel.org/lkml/20251016182107.3496116-1-gourry@gourry.net/
https://gitlab.com/kernel-firmware/linux-firmware/-/commit/e637542fa8b9e0a88b0b2885072eea7df3737969
https://gitlab.com/kernel-firmware/linux-firmware/-/commit/646d97f5320d0f9038be6c5b9927305cafb0c1d7
Mitigations on Linux side: https://bugs.debian.org/1120972
EPSS
Связанные уязвимости
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values.
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values.
Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values.
EPSS