06-5e-03 vulnerable to GDS with latest microcode #109
Description
Hi, my i5-7500 servers report they're vulnerable to GDS, even though I have the latest microcode, which Intel states should make them unaffected. Details:
root@pmc2:~# grep -r Vulnerable /sys/devices/system/cpu/vulnerabilities/
/sys/devices/system/cpu/vulnerabilities/gather_data_sampling:Vulnerable
root@pmc2:~# dmesg | grep -E 'i5-7500|GDS|microcode'
[ 0.158454] GDS: Vulnerable
[ 0.200225] smpboot: CPU0: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz (family: 0x6, model: 0x9e, stepping: 0x9)
[ 0.471909] microcode: Current revision: 0x000000f8
[ 0.471918] microcode: Updated early from: 0x00000084
root@pmc2:~# dpkg -l intel-microcode
ii intel-microcode 3.20251111.1 amd64 Processor microcode firmware for Intel CPUs
root@pmc2:~# iucode-tool -l /lib/firmware/intel-ucode/06-9e-09.initramfs
microcode bundle 1: /lib/firmware/intel-ucode/06-9e-09.initramfs
selected microcodes:
001/001: sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544
root@pmc2:~# uname -a
Linux pmc2 6.17.2-2-pve #1 SMP PREEMPT_DYNAMIC PMX 6.17.2-2 (2025-11-26T12:33Z) x86_64 GNU/LinuxScreenshot from the related Intel documentation where it mentions I shouldn't be affected with firmware f8:
Am I doing something wrong, or should I just wait for a microcode update, or this processor won't receive any microcode upgrades and we should replace it? Thank you.