I-AMD ityhile ubuthathaka (CVE-2025-54518) kwiiprosesa ezisekelwe kwi-microarchitecture ye-Zen 2 ebangela ukonakala kwe-object code cache. Ukusetyenziswa ngempumelelo kobu buthathaka kuvumela imiyalelo ye-CPU ukuba yenziwe kwinqanaba eliphezulu lamalungelo. Ngokwenyani, obu buthathaka bunokuvumela ukunyuka kwamalungelo, umzekelo, ukusebenzisa ikhowudi ngamalungelo e-kernel ukusuka kwindawo yomsebenzisi okanye ukufikelela kwindawo yokusingatha ukusuka kumatshini obonakalayo.
Ubusesichengeni bufunyenwe ngabasebenzi be-AMD; iinkcukacha zokuxhaphaza azikafumaneki okwangoku. Kuthiwa le ngxaki ibangelwa kukwahlulwa okungafanelekanga kwezixhobo ezabelwana ngazo xa kusenziwa imisebenzi nge-CPU object code cache. Ngokonakalisa izinto kwi-cache, umhlaseli unokutshintsha imiyalelo eyenziwe kwinqanaba elahlukileyo lelungelo.
Ububuthathaka buchaphazela kuphela iiprosesa ze-AMD ezisekelwe kwi-microarchitecture ye-Zen2 (Fam17h). Le ngxaki ichaphazela i-Xen hypervisor kwaye ingasetyenziselwa ukudlula ukwahlulwa. Kupapashwe iipatches kwiinguqulelo ze-Xen 4.17 ukuya kwi-4.21. Ulungiso lokuthintela ububuthathaka lungenisiwe ukuze lufakwe kwi-kernel. Linux.
Ubuthathaka bulungisiwe ekwindla edlulileyo kwi-desktop nakwiselula i-AMD Ryzen 3000, 4000, 5000, 7020, 7030, kunye ne-Threadripper PRO 3000 WX CPUs. Kwii-CPU ze-AMD Ryzen Embedded V2000, ubuthathaka bulungisiwe ekupheleni kukaDisemba. Le ngxaki ayikalungiswa kwiiprosesa ze-AMD EPYC 7002 series, kwaye kucetywa ukuba ivalwe kwinqanaba lenkqubo yokusebenza.
umthombo: opennet.ru
