Publication Date: 07/28/2023 3:30PM PDT
AWS is aware of CVE-2023-20593, otherwise known as "Zenbleed", and can confirm this issue affected AMD “Zen 2”, also known as “Rome”, CPUs that power the C5a, C5ad, G4ad, and G5 instance families. Because of the design of the EC2 Nitro hypervisor, there is no risk of cross-instance data access. The updated microcode from AMD has been applied to all C5a, C5ad, G4ad, and G5 instances. No action is required from customers using these instance types.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.