AMD Security Bulletin AMD-SB-7039, June 2025

AMD Security Bulletin AMD-SB-7029, July 2025

Vulnerability Disclosure:

Supermicro is aware of the transient execution security vulnerabilities in some AMD processors. AMD discovered several side-channel attacks while investigating a Microsoft® report titled “Enter, Exit, Page Fault, Leak: Testing Isolation Boundaries for Microarchitectural Leaks”.

CVE:

CVE-2024-36350
- Severity: Medium
CVE-2024-36357
- Severity: Medium
CVE-2024-36348
- Severity: Low
CVE-2024-36349
- Severity: Low

Findings:

AMD has debugged several types of cross-domain informational leakage. and discovered a new speculative side-channel affecting AMD CPUs termed Transient Scheduler Attacks (TSA). These are speculative side-channel attacks related to the execution timing of instructions under specific microarchitectural conditions. In some cases, an attacker may be able to use this timing information to infer data from other contexts, potentially resulting in information leakage.

Affected products:

AMD Motherboard Generation	BIOS Version with Fix
H12 – H12SSW-AN6 – EPYC™ 7002/7003 series	v 3.3
H12 – H12SSW-iNR/NTR – EPYC 7002/7003 series	v 3.3
H12 – H12SSW-iNL/NTL – EPYC 7002/7003 series	v 3.3
H12 – H12DSG-O-CPU – EPYC 7002/7003 series	v 3.3
H12 – H12DST-B – EPYC 7002/7003 series	v 3.3
H12 – H12SST-PS – EPYC 7002/7003 series	v 3.3
H12 – H12SSW-iN/NT – EPYC 7002/7003 series	v 3.3
H12 – BH12SSi-M25 – EPYC 7002/7003 series	v 3.3
H12 – H12DSU-iN – EPYC 7002/7003 series	v 3.3
H12 – H12SSFF-AN6 – EPYC 7002/7003 series	v 3.3
H12 – H12SSL-i/C/CT/NT – EPYC 7002/7003 series	v 3.3
H12 – H12DSi-N6/NT6 – EPYC 7002/7003 series	v 3.3
H12 – H12SSFR-AN6 – EPYC 7002/7003 series	v 3.3
H12 – H12DSG-Q-CPU6 – EPYC 7002/7003 series	v 3.3
H12 – H12SSG-AN6 – EPYC 7002/7003 series	v 3.3
H12 – H12DGQ-NT6 – EPYC 7002/7003 series	v 3.3
H12 – H12SSG-ANP6 – EPYC 7002/7003 series	v 3.3
H12 – H12DGO-6 – EPYC 7002/7003 series	v 3.3
H12 – H12DSU-iNR – EPYC 7002/7003 series	v 3.3
H13 – H13SSW – EPYC 9004/9005 series	v 3.5
H13 – H13DSH – EPYC 9004/9005 series	v 3.5
H13 – H13DSG-O-CPU – EPYC 9004/9005 series	v 3.5
H13 – H13SST-G/GC – EPYC 9004/9005 series	v 3.1
H13 – H13SSL-N/NC – EPYC 9004/9005 series	v 3.4
H13 – H13SSH – EPYC 9004/9005 series	v 3.4
H13 – H13DSG-O-CPU-D – EPYC 9004 series	v 3.4
H13 – H13SSF – EPYC 9004/9005 series	v 3.5
H13 – H13SVW – EPYC 9004	v 1.3
H13 – H13DSG-OM – EPYC 9004/9005 series	v 3.5
H14 – H14DSH – EPYC 9004/9005 series	v 1.5
H14 – H14SST – EPYC 9004/9005 series	v 1.3
H14 – H14DSG-OD – EPYC 9004/9005 series	v 1.4a

Remediation:

All affected Supermicro motherboard SKUs will require a BIOS update to mitigate this potential vulnerability.
An updated BIOS firmware had been created to mitigate this potential vulnerability. Supermicro is currently testing and validating affected products. Please check Release Notes for the resolution.

Resources:

AMD Security Notice AMD-SN-7029

機架伺服器

1U 雙處理器

2U 雙處理器

單處理器

多處理器

產品系列

GPU 伺服器

8U/10U GPU 系列

4U/5U GPU 系列

2U GPU 系列

1U GPU 系列

Twin 伺服器

FlexTwin™

BigTwin®

GrandTwin®

TwinPro®

Twin

FatTwin®

刀鋒伺服器

SuperBlade®

MicroBlade®

MicroCloud

儲存系列伺服器

所有儲存系列產品

全閃存 NVMe

頂部裝載存儲

JBOF

Petascale Grace Storage

Petascale Grace Storage

企業優化的存儲

JBOD Storage Enclosures

主機板

機箱

SuperRack®

配件區

Edge & Telecom Servers

Fanless Edge Systems

Compact Edge Systems

Edge GPU Systems

Outdoor Edge Systems

1U Edge Network Systems

5G/Telecom Systems

嵌入式組件

嵌入式/物聯網主機板

嵌入式系統機箱

交換機

網路卡

超級工作站

Liquid-Cooled AI Development Platform

單處理器

雙處理器

Supero™ 遊戲解決方案

人工智能基礎設施

Data Center Building Block Solutions® (DCBBS)

企業人工智慧解決方案

邊緣人工智慧

人工智慧儲存

NVIDIA 解決方案

AMD 解決方案

Intel 解決方案

HPC

機櫃解決方案

液體冷卻

數據管理

人工智慧儲存

軟體定義儲存和記憶體

超融合基礎架構

Veeam

企業應用和數據分析

數據工程

數據庫和 ERP

Microsoft

雲端和虛擬化

Cloud Service Providers (CSPs)

IT / Hosting Services

Google Distributed Cloud

Canonical OpenStack

Red Hat OpenStack

Kubernetes

虛擬桌面