AMD has addressed the latest issue regarding its Zen 5 CPUs’ behavior when it comes to the utilization of the RDSEED instruction in 16-bit and 32-bit applications.
Discovered by a Meta engineer last month, Team Red has finally publicly acknowledged the problem in security bulletin AMD-SB-7055, detailing the bug that could return zero at a rate inconsistent with true randomness while still signaling success. Since the nature of both occurrences is opposite, applications and programs are prone to instability and produce unexpected results, especially when it comes to mission-critical and confidential data.
As mentioned, only the 16-bit and 32-bit versions are affected, while the 64-bit variant is still good for operation. Therefore, AMD suggests the use of 64-bit RDSEED where possible, block RDSEED discovery or use, or alter RDSEED usage specifically for Zen 5 processors so cryptographic or randomness-dependent code avoids relying on the faulty 16/32-bit paths. Practically speaking, that means developers and distro maintainers should audit where RDSEED is used and either fall back to the 64-bit call or disable the instruction on impacted machines until microcode fixes arrive.
As for the rollout, an update for AMD EPYC 9005 (Turin / Turin Dense cores) will be published via linux-firmware.git and with AGESA on November 14, while late-November releases will target the Ryzen 9000 and Ryzen AI 300 series. Meanwhile, EPYC Embedded 9000 and EPYC Embedded 4005 series are scheduled for mitigations in January.
Source: Phoronix
