wikiSafety instructions for AMD-SB-3027
On January 15th, AMD published the Security Bulletin AMD-SB-3027 [1]. AMD assumes that this security vulnerability is attributable to inadequate access controls, which prevents to set an internal configuration bit.
This attack could enable a malicious hypervisor to manipulate the configuration of the CPU-pipeline, which could potentially cause damage to the stack pointer within an SEV-SNP guest running on the sibling SMT (Simultaneous Multithreading) thread.
AMD published remedial measures for these security vulnerabilities.
Affected systems
Here is a tabular presentation of the affected processors.
| Program | Former Code Name | Mitigation
Option 1: µcode Option 2: AGESA/PI |
SEV Mitigation Vector Bit | CVE | |
|---|---|---|---|---|---|
| AMD EPYC™ 7002 Series Processors | "Rome" | Not Affected | CVE-2025-29943 | ||
| AMD EPYC™ 7003 Series Processors | “Milan” | 0x0A0011DB | Milan B1:0x0A0011DE
Milan-X:0x0A001247 OR MilanPI 1.0.0.H |
µcode standalone release: 2025-07-14
AGESA Release 2025-09-04 | |
| AMD EPYC™ 7003 Series Processors | "Milan-X" | 0x0A001244 | |||
| AMD EPYC™ 9004 Series Processors | "Genoa"/ | 0x0A101154 | Genoa:0x0A101156
Genoa-X: 0x0A101251 Bergamo/Sienna A2: 0x0AA0021B OR GenoaPI 1.0.0.H |
µcode standalone release: 2025-07-14
AGESA Release 2025-12-15 | |
| "Genoa-X" | 0x0A10124F | ||||
| "Bergamo" | 0x0AA00219 | ||||
| AMD EPYC™ 9005 Series Processors | "Turin Classic" | 0x0B00211E | Turin C1: 0x0B002151
Turin Dense B0: 0x0B10104E OR TurinPI 1.0.0.6 |
µcode standalone release: 2025-07-14
AGESA Release: 2025-06-30 | |
| “Turin Dense” | 0x0B101028 | ||||
In the following, there is an extract from this table, in which all Supermicro mainboards are contained that are offered by Thomas-Krenn: [2]
| AMD motherboard | BIOS version |
|---|---|
| H12SSW-iN/NT | 3.5 |
| H12SSL-i/C/CT/NT | 3.5 |
| H12DSi-N6/NT6 | 3.5 |
| H13SSW | 3.7 |
| H13SSL-N/NT | 3.7 |
Updates for products of Thomas-Krenn
Updates on the corresponding system can be found in the download area of Thomas-Krenn. The updates in the download area have been tested by us to guarantee the stability and compatibility of our systems.
If you require the latest version for your system and it is not yet available in our download area, you can get it at Asus, Supermicro or Gigabyte.
References
- ↑ SEV-SNP Guest Stack Pointer Corruption Vulnerability (www.amd.com/en/resources/product-security)
- ↑ AMD Security Bulletin AMD-SB-3027, Januar 2027 (www.supermicro.com)
More information
- AMD Security Bulletin AMD-SB-3027 (supermicro.com, Januar 2026)
 |
Author: Thomas-Krenn.AG At Thomas-Krenn.AG we pay attention to the best possible service. To do justice to this, we have created our Thomas-Krenn Wiki. Here we share our knowledge with you and inform you about basics and news from the IT world. You like our knowledge culture and want to become part of the team? Visit our job offers.
|
 |
Translator: Alina Ranzinger Alina has been working at Thomas-Krenn.AG since 2024. After her training as multilingual business assistant, she got her job as assistant of the Product Management and is responsible for the translation of texts and for the organisation of the department.
|
