wikiBIOS security updates for AMD based systems
The following table shows available UEFI firmware/BIOS security updates for AMD based motherboards from Thomas-Krenn. In the columns of the table security holes are listed, which require UEFI firmware/BIOS updates. For each motherboard it is noted whether an update is already available for the respective vulnerability. Information about other motherboards can be found in the article BIOS security updates.
AMD based systems
| Security update | AMD Server Vulnerabilities – November 2021 AMD-SB-1021 Various CVEs |
Secure Encrypted Virtualization Invalid ECC Curve Points CVE-2019-9836 (EPYC only) |
2019.1 QSR INTEL-SA-00213 INTEL-SA-00223 Microarchitectural Data Sampling - ZombieLoad INTEL-SA-00233 |
2018.4 QSR INTEL-SA-00185 INTEL-SA-00191 |
Intel ME, CSME, SPS and TXE (INTEL-SA-00125, CVE-2018-3655) (INTEL-SA-00141, CVE-2018-3657, CVE-2018-3658, CVE-2018-3616) (INTEL-SA-00142, CVE-2018-3659) |
Spectre V3a and V4, Foreshadow L1 Terminal Fault (Intel-SA-00115, CVE-2018-3640, CVE-2018-3639) (Intel-SA-00161, CVE-2018-3615, CVE-2018-3620, CVE-2018-3646) |
Spectre Variant 2 (INTEL-SA-00088, CVE-2017-5715) |
|---|---|---|---|---|---|---|---|
| ASRock TRX40 Creator | under investigation | not affected | n/a | ||||
| ASUS PRIME X399-A | under investigation | not affected | not affected | not affected | not affected | not affected[1] | n/a |
| ASUS PRIME B350M-A | under investigation | not affected | not affected | not affected | not affected | not affected | BIOS 4023 |
| ASUS PRIME B450M-A | under investigation | not affected | |||||
| ASUS KNPP-D32 (Barebone RS700A-E9-RS12) |
under investigation | under investigation | not affected | not affected | not affected | not affected | BIOS 0902 |
| Supermicro H12SSW-NT (-iN) (Rome / Milan) |
BIOS 2.3 (in development) | BIOS 2.0 | not affected | not affected | not affected | not affected | BIOS 1.0c |
| Supermicro H12SSL-i (-NT, -CT) (Rome / Milan) |
BIOS 2.3 (in development) | BIOS 2.0 (But motherboard not affected from these security issues) | |||||
| Supermicro H11DSi-NT Rev 2 (Naples / Rome) |
BIOS 2.4 (in development) | BIOS 2.1 (But motherboard not affected from these security issues) | |||||
| Supermicro H11DSi-NT Rev 1 (Naples only) |
BIOS 1.4 (in development) | BIOS 1.3 | not affected | not affected | not affected | not affected | BIOS 1.0c |
| Supermicro H11SSL-i Rev 2 (Naples / Rome) |
BIOS 2.4 (in development) | BIOS 2.1 (But motherboard not affected from these security issues) | |||||
| Supermicro H11SSL-i Rev 1 (Naples only) |
BIOS 1.4 (in development) | BIOS 1.3 | not affected | not affected | not affected | not affected | BIOS 1.0a |
References
- ↑ AMD Processor Security Updates (amd.com, 14.08.2018) Foreshadow: As in the case with Meltdown, we believe our processors are not susceptible to these new speculative execution attack variants: L1 Terminal Fault – SGX (also known as Foreshadow) CVE 2018-3615, L1 Terminal Fault – OS/SMM (also known as Foreshadow-NG) CVE 2018-3620, and L1 Terminal Fault – VMM (also known as Foreshadow-NG) CVE 2018-3646, due to our hardware paging architecture protections. We are advising customers running AMD EPYC™ processors in their data centers, including in virtualized environments, to not implement Foreshadow-related software mitigations for their AMD platforms.
 |
Author: Thomas Niedermeier Thomas Niedermeier working in the product management team at Thomas-Krenn, completed his bachelor's degree in business informatics at the Deggendorf University of Applied Sciences. Since 2013 Thomas is employed at Thomas-Krenn and takes care of OPNsense firewalls, the Thomas-Krenn-Wiki and firmware security updates.
|
 |
Author: Werner Fischer Werner Fischer, working in the Knowledge Transfer team at Thomas-Krenn, completed his studies of Computer and Media Security at FH Hagenberg in Austria. He is a regular speaker at many conferences like LinuxTag, OSMC, OSDC, LinuxCon, and author for various IT magazines. In his spare time he enjoys playing the piano and training for a good result at the annual Linz marathon relay.
|
