Linux Kernel RDSEED Vulnerability Fix for AMD Zen5

A vulnerability in the Linux kernel's handling of the RDSEED instruction has been addressed for AMD Zen5 processors. The issue arose because the 16-bit and 32-bit output variants of RDSEED returned a random value of 0 at a rate inconsistent with true randomness, while incorrectly indicating success. This vulnerability could lead to predictable random number generation, which is critical in cryptographic operations. The fix involves adding a check for the microcode version to ensure proper functionality of the RDSEED instruction.

Impact

The vulnerability could cause the RDSEED instruction to malfunction, returning non-random values and potentially leading to predictable outcomes in applications relying on this instruction for randomness.

Remediation

Users can apply the latest patches from the Linux kernel stable tree to address this vulnerability. Instructions for downloading the patched version are available in the Linux kernel repository.