Notebookcheck Logo

QEMU patch from AMD engineer confirms Zen 6 Epyc-Venice CPU details, including a fix for a long-standing security flaw

AMD Epyc 9375F render
ⓘ AMD
AMD Epyc 9375F render
A newly submitted QEMU patch and an independently sourced engineering-sample benchmark both confirm architectural details of AMD's upcoming Zen 6 Epyc "Venice" server CPUs, including a hardware fix for the known SRSO vulnerability, ahead of AMD's official reveal at its July 22-23 Advancing AI event.

AMD software engineer Ben Cheatham has submitted a four-patch series to the QEMU development mailing list that adds an official "Epyc-Venice" CPU model to the project's x86 emulation code. The patch, dated June 30, 2026, gives the first primary-source look at the CPUID feature set and cache hierarchy of AMD's upcoming Zen 6 Epyc server processors, known by the codename Venice. A separate lscpu output submitted to OpenBenchmarking from a real Epyc-Venice engineering sample corroborates the patch's specifications on actual silicon.

New Instructions

The new model is defined with family 26, model 80, stepping 0, and reports itself to guest operating systems as "AMD EPYC-Venice Processor." It builds on the feature baseline of the existing Epyc-Turin (Zen 5) model and adds several new instruction set extensions: AVX512 FP16, AVX-IFMA, AVX-NE-CONVERT, AVX-VNNI-INT8, and a new AVX512 Bit Matrix Multiply (BMM) instruction introduced earlier in the same patch series. The model also enables CET Shadow Stack support, TSC_ADJUST, and a new speculative-execution mitigation feature called Enhanced Return Address Prediction Security (ERAPS).

The commit message from Ben Cheatham's QEMU patch, listing the new feature bits added for Epyc-Venice.

Hardware Mitigations

Notably, the patch sets an SRSO_NO flag, indicating the core is not vulnerable to Speculative Return Stack Overflow, a speculative-execution flaw that has affected earlier Zen generations. The OpenBenchmarking lscpu output independently confirms this on real hardware, listing "Spec rstack overflow: Not affected." SRSO exploits the CPU's return address predictor, tricking it into speculatively executing code at an attacker-chosen address before the misprediction is caught; AMD's earlier Zen chips relied on software mitigations such as flushing branch prediction state on context switches, which carry a performance cost. A hardware-level fix means Venice cores close this attack path in silicon rather than through software patching, reducing overhead. This hardware mitigation pairs with ERAPS, a new mechanism that appears to manage how much return address history the predictor tracks per guest, based on the RAPSIZE parameter discussed in the same patch series.

(It's worth noting that most Intel CPUs of the last decade have fundamentally similar vulnerabilities exploring hardware branch prediction, with patches for these costing users performance.)

Cache size per CCD

The cache configuration listed in the patch shows a 48 KB, 12-way L1 data cache and a 32 KB, 8-way L1 instruction cache per core, unchanged from the Zen 5 Turin generation. L2 cache is listed at 1 MB per core, 16-way and inclusive, also matching Turin. L3 cache is listed at 64 MB, 16-way, shared at the die level. The OpenBenchmarking sample also matches this. 

Price and Availability

Though neither source specifies memory support or pricing, AMD CTO Mark Papermaster has separately confirmed that Epyc Venice will be officially unveiled at AMD's Advancing AI event in San Francisco on July 22-23, meaning full specifications, pricing, and availability details are expected within days.

Google LogoAdd as a preferred source on Google
Mail Logo
static version load dynamic
Loading Comments
Comment on this article
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2026 07 > QEMU patch from AMD engineer confirms Zen 6 Epyc-Venice CPU details, including a fix for a long-standing security flaw
Bùi Giang, 2026-07-16 (Update: 2026-07-16)