Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in AMD 'Zen 2' CPUs may not be written to 0 correctly. This flaw allows an attacker to leak sensitive information across concurrent processes, hyper threads and virtualized guests. For details please refer to https://lock.cmpxchg8b.com/zenbleed.html and https://github.com/google/security-research/security/advisories/GHSA-v6wh-rxpg-cmm8. This issue can also be mitigated by a microcode update through the amd64-microcode package or a system firmware update. However, the initial microcode release by AMD only provides updates for second generation EPYC CPUs. Various Ryzen CPUs are also affected, but no updates are available yet.