Messages

1

Tutorials and FAQs / Re: How to enable automatic microcode updates

« on: October 01, 2024, 03:17:43 am »

After updating my DEC850 's (AMD EPYC) firmware and installing the new microcode plugin, I used SSH to see the running microcode version:

0x800126f

Unfortunately, I forgot to check the microcode version before I installed the plugin.

Is 0x800126f the latest?
 
When was it released?

If released recently, did it fixed the SinkClose vulnerability?

I didn't find the answers in numerous online searches.

I'm still waiting for the sinkclose fix before I deploy my new DEC850.

2

Tutorials and FAQs / Re: How to enable automatic microcode updates

« on: September 10, 2024, 04:02:16 am »

FYI — version 24.7.2 (August 21, 2024), opnsense release doc:

“As a special note we now have native CPU microcode update plugins for either AMD or Intel to install from the GUI. Apart from a reboot these plugins require no further user interaction and will keep the applicable microcode at the latest known version as shipped in the packages repository.”

3

Tutorials and FAQs / Re: How to enable automatic microcode updates

« on: August 13, 2024, 10:03:33 am »

I, too, would like to know the estimated fix date for the SinkClose vulnerability in the EPYC 3201 in my OpnSense DEC850.

My DEC850 is new. I configured it but haven't deployed it yet. I'll wait until SinkClose is patched.

AMD's advisory seems to list the Embedded EPYC 3000 [series] "target" as Oct 2024, if I read it correctly:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html

Then I assume OpnSense will need X weeks to incorporate the fix.

So maybe Oct at the earliest but Nov or Dec more likely.

I can wait but was looking forward to installing the DEC850 this week.