AMD-SB-7009: Any BIOS update in preparation for the AMD FWs?

It looks like the AMD FWs are affected by some of the security issues described in AMD’s recent security bulletin AMD-SB-7009 (

My question to the FW folks around here: Do you have a BIOS update in preparation to mitigate these issues?

This is probably handled by a microcode update that will be loaded automatically by the Linux system when loaded.
Note that the explanations show that the user/hacker must have gained access to your system already to exploit these.

1 Like

I am not quite sure, if these will be corrected by the amd64-microcode package, since Heise’s news post ( … sorry, in German) implies that these issues are to be fixed by BIOS updates (and they tend to be well-informed).

1 Like

No problem for the German :wink:

 Microcode- und Firmwareupdates sollten dagegen helfen

Well, both should. Sadly, on older hardware, only firmwareupdates will help, as manufacturers won’t bring out new BIOS’s. Luckily for FW owners, these devices are not that old :wink:

Yes, you are right. However, they are not fully consistent:

Diese müssen Mainboard- und Computerhersteller jedoch
in ihre BIOS-Versionen einpflegen und an Endkunden verteilen.

Thank you for screening the post thoroughly.

At any rate I will scroll through the release notes of the amd64-microcode package next time apt presents an upgrade of that package in my Debian Bookworm.

I actually did, but the BIOS IMHO is not the right place to fix it. I just pointed to the firmware update too.

Does this thread answer your questions AMD processor vulnerabilities - Community Support - Framework Community

1 Like

Thank you so much for bringing this to my attention … and a big “thank you” to the Framework folks for being so responsive and transparent at the same time. This attitude makes the difference.