"Zenbleed" bug affects all Zen 2-based Ryzen, Threadripper, and EPYC CPUs.

The bug allows attackers to swipe data from a CPU’s registers. […] the exploit doesn’t require physical hardware access and can be triggered by loading JavaScript on a malicious website.

  • cwagner@lemmy.cwagner.me
    2·
    1 year ago

    Tailscale… accessible from where?

    It’s a wireguard based VPN, so asccessible from my Tailscale network ;) It would require someone hacking Tailscale, and if they manage that, they’d have a lot of more interesting, mainly corporate, targets than me :D

    On the VPS, check cpuinfo to see if it’s one of the vulnerable ones. If it is, then I’d either ask them directly, avoid that kind of VPS for a while, or use it for non-sensitive stuff until it gets a fix.

    Planning to do so, I think it’s an EPYC. But I’m not home for another day and don’t have my certificate to SSH to the machine ;) For work I actually remembered we use a dedicated server, so all payload is controlled by us anyway.

    ARM… will have its day.

    As I said

    safe for now ;)