More than 50 vulnerabilities have been found in AMD EPYC processor and Radeon graphics drivers.
Click here to post a comment for More than 50 vulnerabilities have been found in AMD EPYC processor and Radeon graphics drivers. on our message forum
cucaulay malkin
how come we're only learning about it now when there's already 50 of them ? have they found 50 at the same time ?
P.O.N.
I would never ever have suspected there was something bad going on with AMD's Graphics Drivers
Horus-Anhur
These tech companies have teams to find these bugs and security flaws. They also have bounties to give out to people who find these flaws.
This means that most flaws are corrected, before being made public.
It's normal to see these kind of things on release notes for drivers and bios updates.
I have already seen a few for nVidia, Intel, Apple, AMD, etc.
It just means, these companies are doing their jobs.
cucaulay malkin
lol
Sylencer
Is it this time of the year again already?
SpajdrEX
Yes, it is! Christmas will come to you early this year!
And unlike previous years, this year we're releasing new vulnerabilities rather than new driver features, and we hope everyone enjoys it.
cucaulay malkin
https://images.anandtech.com/doci/14282/amd-50-678_678x452.png
rl66
It is Xmas but also debut with new Intel and the "new" 2060 with new version of 30** debut...
rl66
more seriously you are right Apple just shown what they have corrected last week.
cucaulay malkin
it'd be silly to do otherwise
like inviting trouble
fantaskarsef
Well, now let's see how AMD's patches cripple performance, or not. Just when you plan your next rig to be AMD because of Intel's sec issues, they happen to discover some in the other camp as well.
cucaulay malkin
it's on epyc
tunejunky
just. one. thing.
"AMD Xeon CPU" ?????? odd typo
fantaskarsef
Ah, true, I kind of missed that. My question beyond the OP would be, is any of the affected software components not present in mainstream AMD CPUs?
Benchmarks would still be interesting.
cucaulay malkin
we'd see a drop in performance in i.e. recent 12th gen benchmarks for r5000,and we didn't.
waltc3
Surprise, suprise--as is the case with most "security bulletins," all of these have already been fixed/patched...;) Indeed, if you are someone who updates his drivers on a regular basis, chances are excellent that every security bulletin you read will concern vulnerabilities already patched some time ago. I guess they do the "alarm" bit for page hits, and usually it's only in the last sentence in the bulletin that you learn when they were patched. This used to go on with Windows years ago, and still does, though much more muted today...same exact thing..."10,000 vulnerabilities in Windows (x version)!" and then you read the thing and in the last sentence it says, "If you have patched your system with recent service patches released four months ago then you are good to go as you are already patched!" Usually, these things are much ado about nothing, I've found over the years.
waltc3
These are software vulnerabilities--nothing in the CPUs themselves. And, already patched.
JamesSneed
The upside is they should be able to get any hardware mitigations that are possible implemented in Zen4.
JamesSneed
The EPYC vulnerabilities were not software hence the microcode updates.
JOHN30011887
Always goes back and forth, i found it funny when some amd fanboys mocked intel when they had few vulnerabilities etc and look, now its amd's turn again, it will prob not end any time soon with amd and intel
