Which is 0bc3126c9cfa0b8c761483215c25382f831a7c6f and b250b32ab1d044953af2dc5e790819a7703b7ee6
And b250b32ab1d044953af2dc5e790819a7703b7ee6 appears to be the commit I linked ealier at git.kernel.org so hopefully up-to-date Arch is not vulnerable to zenbleed
Either way, as noted elsewhere in the comments, only the Rome CPU series has received updated microcode with fixes. All other Zen 2 users need the fix that was released as part of Linux 6.4.6: https://lwn.net/Articles/939102/
amd-ucode 20230625.ee91452d-5
last updated 2023-07-25 11:48 UTC
Contains the microcode update that addresses this?
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/lin... says that the fixed version is 2023-07-18, but the amd-ucode version in Arch is 20230625.. but it was last updated in 2023-07-25..
My guess is that this is still getting the 20230625 firmware, per the PKGBUILD at https://gitlab.archlinux.org/archlinux/packaging/packages/li...
Which contains those lines
_tag=20230625
source=("git+https://git.kernel.org/pub/scm/linux/kernel/git/firmware/lin...")
I suppose that it isn't up to date and thus Arch Linux is still vulnerable, right?
edit:
but actually there's two commits in the _backports array (which contains cherry-picked commits) that was last edited 20 hours ago
https://gitlab.archlinux.org/archlinux/packaging/packages/li...
Which is 0bc3126c9cfa0b8c761483215c25382f831a7c6f and b250b32ab1d044953af2dc5e790819a7703b7ee6
And b250b32ab1d044953af2dc5e790819a7703b7ee6 appears to be the commit I linked ealier at git.kernel.org so hopefully up-to-date Arch is not vulnerable to zenbleed