There are a few exceptions, and you can find that on AMD's website. However, not all seems to be bad. AMD says that "During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Platform Security Processor (PSP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV) and other platform components were discovered and have been mitigated in AMD EPYC AGESA PI packages."EPYC clients need to upgrade to the latest AGESA version. AMD patched all 22 vulnerabilities in the NaplesPI-SP3_1.0.0.G, RomePI-SP3_1.0.0.C, and MilanPI-SP3_126.96.36.199 AGESA versions.
22 security vulnerability discovered in AMD EPYC CPUs
Posted on Monday, November 15 2021 @ 22:21 CET by Thomas De Maesschalck