this post was submitted on 12 Aug 2023
104 points (99.1% liked)

Steam Deck

14838 readers
165 users here now

A place to discuss and support all things Steam Deck.

Replacement for r/steamdeck_linux.

As Lemmy doesn't have flairs yet, you can use these prefixes to indicate what type of post you have made, eg:
[Flair] My post title

The following is a list of suggested flairs:
[Discussion] - General discussion.
[Help] - A request for help or support.
[News] - News about the deck.
[PSA] - Sharing important information.
[Game] - News / info about a game on the deck.
[Update] - An update to a previous post.
[Meta] - Discussion about this community.

Some more Steam Deck specific flairs:
[Boot Screen] - Custom boot screens/videos.
[Selling] - If you are selling your deck.

These are not enforced, but they are encouraged.

Rules:

Link to our Matrix Space

founded 3 years ago
MODERATORS
all 8 comments
sorted by: hot top controversial new old
[–] autotldr@lemmings.world 25 points 1 year ago

This is the best summary I could come up with:


Last month when the Linux kernel was mitigated for Zenbleed as a CPU vulnerability affecting AMD Zen 2 processors, it turns out the Steam Deck APU was accidentally left without coverage.

An x86/urgent pull request sent out today for the Linux 6.5 kernel and for back-porting to current stable Linux kernel releases will extend the Zenbleed mitigation to protect Steam Deck gamers.

Most notable with these fixes is adding models 0x90-0x91 to the range of AMD Zenbleed-affected Zen 2 processors.

It looks like the Steam Deck's custom APU was just accidentally left out in the original Zenbleed patch.

This patch enables the Zenbleed fallback fix until a proper CPU microcode update is available for the Steam Deck.

Zenbleed (CVE-2023-20593) was disclosed last month after this data leakage vulnerability was discovered by a Google researcher.


I'm a bot and I'm open source!

[–] vividspecter@lemm.ee 17 points 1 year ago (1 children)

If there is a performance cost for this, hopefully it isn't too high given the limited resources of the Deck.

[–] MDKAOD@lemmy.ml 7 points 1 year ago* (last edited 1 year ago) (1 children)

The headroom required for the mitigation is statistically insignificant according to the details page on the cve.

see the comparison chart.

[–] vividspecter@lemm.ee 0 points 1 year ago

Good to see. That seems to have been the case with most of the AMD vulnerabilities actually. Which stands in stark contrast to the "up to 50%" hit of Intel's Downfall, and some of the other Intel vulnerabilities.

[–] Tag365@lemmy.zip 7 points 1 year ago (2 children)
[–] unscholarly_source@lemmy.ca 8 points 1 year ago

It's a vulnerability that affects AMD CPUs that can potentially lead to unintentional/malicious data leak.

https://security.googleblog.com/2023/08/downfall-and-zenbleed-googlers-helping.html?m=1