On 26.11.2025 14:22, Andrew Cooper wrote: > This was potentially helpful when the chickenbit was the only mitigation and > microcode had not been released, but that was two years ago. > > Zenbleed microcode has been avaialble since December 2023, and the subsequent > Entrysign signature vulnerability means that firmware updates block OS-loading > and more OS-loadable microcode will be produced for Zen2. > > i.e. the Zenbleed fix is not going to appear at runtime these days. > > No practical change. > > Signed-off-by: Andrew Cooper <[email protected]>
Acked-by: Jan Beulich <[email protected]> on the basis that people unwilling to update their firmware already accept being vulnerable. To them this might be a perceived regression, i.e. not exactly "No practical change", but we kind of accept that possibility. Jan
