diff --git a/.gitattributes b/.gitattributes
index 17fd394..a7e2ccb 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -23,6 +23,7 @@
 *.zst filter=lfs diff=lfs merge=lfs -text
 ## Specific LFS patterns
 ast_dp501_fw.bin filter=lfs diff=lfs merge=lfs -text
+microcode_amd_fam19h.bin filter=lfs diff=lfs merge=lfs -text
 ql2600_fw.bin filter=lfs diff=lfs merge=lfs -text
 ql2700_fw.bin filter=lfs diff=lfs merge=lfs -text
 ql8300_fw.bin filter=lfs diff=lfs merge=lfs -text
diff --git a/amd-ucode-CVE-2023-20569.patch b/amd-ucode-CVE-2023-20569.patch
new file mode 100644
index 0000000..b92bc46
--- /dev/null
+++ b/amd-ucode-CVE-2023-20569.patch
@@ -0,0 +1,48 @@
+From: John Allen <john.allen@amd.com>
+Date: Tue, 8 Aug 2023 19:02:39 +0000
+Subject: [PATCH] linux-firmware: Update AMD cpu microcode
+
+* Update AMD cpu microcode for processor family 19h
+
+Key Name        = AMD Microcode Signing Key (for signing microcode container files only)
+Key ID          = F328AE73
+Key Fingerprint = FC7C 6C50 5DAF CC14 7183 57CA E4BE 5339 F328 AE73
+
+Signed-off-by: John Allen <john.allen@amd.com>
+---
+
+diff --git a/WHENCE b/WHENCE
+--- a/WHENCE
++++ b/WHENCE
+@@ -3924,7 +3924,7 @@ Raw: amd-ucode/microcode_amd_fam17h.bin
+ Version: 2023-07-19
+ File: amd-ucode/microcode_amd_fam19h.bin
+ Raw: amd-ucode/microcode_amd_fam19h.bin
+-Version: 2023-07-18
++Version: 2023-08-08
+ File: amd-ucode/README
+ 
+ License: Redistributable. See LICENSE.amd-ucode for details
+diff --git a/amd-ucode/microcode_amd_fam19h.bin.asc b/amd-ucode/microcode_amd_fam19h.bin.asc
+--- a/amd-ucode/microcode_amd_fam19h.bin.asc
++++ b/amd-ucode/microcode_amd_fam19h.bin.asc
+@@ -1,11 +1,11 @@
+ -----BEGIN PGP SIGNATURE-----
+ 
+-iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmS3F00ACgkQ5L5TOfMo
+-rnNEhQgAizSV8IFpvaYNytaJKLA4uevrZneGPV4czjCXnnj1yHpfQmCTyZQnoLnx
+-7gyzf7K5271zO51FBQ5z2Nm48a3XPUhMbQLNP4BZdekLiA3bRpMtSyHct6zD0ULm
+-xaFaOQ7MR1tGADhlon1bDvtnOuixUhwrZhEIlR9MzQAzERKDMOAVTbxn9ZhMfYiT
+-LhA791Blyyi+6Z9uh7BpaA8l8uvoxt+uuvlBTjQMR3ER/TEjgcsoy+XhhK4QKS0V
+-wJCtcDle/3pF+N6SAFWiXbNZ+P8p19afhcYddDl97xtpzA6/8b20a2eHkrqnu/Ds
+-jTozF9kmhiifYMYpXtXgSOwI3GRZbQ==
+-=t+j1
++iQEzBAABCgAdFiEE/HxsUF2vzBRxg1fK5L5TOfMornMFAmTEYrcACgkQ5L5TOfMo
++rnN4IQf/QKbOezXZ4OYzaPANvsZQEAzLNfuylC/aQMwrPaO7daz5/zmCN4HU5XkH
++dDT8DYfPg+fQHIgxAw0/L24xPOm5Op/QuLVDyDqVr4qvL8+65eeI+JqxD/wXMXYN
++V34kkLM2p8iuyY1Nc8IDLXu4X75KGNPbKZlMRKMU3Pr7ai5O4ihmiAM+N6qv1KEJ
++YToNN6vrg0qt1cv0SLM8sa4e7L1+oblUrg/o0FViYE8pxsU3ZRRVSJMUg+lKjvl/
++1ZPGKOdD80fcNJ+ItYGHNNs3eCc3WgW7Kc/E668eH75Yu9Zt7ewWZX8Sg/mygleY
++OzMwhbPJg4bF4zm7C/Pku7i1T2Omcg==
++=km2X
+ -----END PGP SIGNATURE-----
diff --git a/kernel-firmware.changes b/kernel-firmware.changes
index 1cef0f1..b5f3c0c 100644
--- a/kernel-firmware.changes
+++ b/kernel-firmware.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Aug  9 08:29:37 UTC 2023 - Takashi Iwai <tiwai@suse.com>
+
+- Update AMD 19h ucode for "Inception" (bsc#1213287, CVE-2023-20569)
+  amd-ucode-CVE-2023-20569.patch
+
 -------------------------------------------------------------------
 Wed Aug 02 12:12:14 UTC 2023 - tiwai@suse.com
 
diff --git a/kernel-firmware.spec b/kernel-firmware.spec
index feb3308..33ba2a2 100644
--- a/kernel-firmware.spec
+++ b/kernel-firmware.spec
@@ -45,6 +45,8 @@ Source10:       ql8300_fw.bin
 Source99:       kernel-firmware-rpmlintrc
 # temporary revert (bsc#1202152): taken from upstream commit 06acb465d80b
 Source100:      rtw8822c_fw.bin
+# updated amd-ucode (bsc#1213287, CVE-2023-20569)
+Source300:      microcode_amd_fam19h.bin
 # install / build infrastructure
 Source1001:     install-split.sh
 Source1002:     list-license.sh
@@ -63,6 +65,8 @@ Source1014:     README.build
 # workarounds
 Source1100:     qcom-post
 Source1101:     uncompressed-post
+# updated amd-ucode (bsc#1213287, CVE-2023-20569)
+Patch2:         amd-ucode-CVE-2023-20569.patch
 BuildRequires:  fdupes
 BuildRequires:  suse-module-tools
 Requires(post): %{_bindir}/mkdir
@@ -6383,6 +6387,10 @@ various USB WiFi / Ethernet drivers.
 
 %prep
 %setup -q -n kernel-firmware-%{version}
+# updated amd-ucode (bsc#1213287, CVE-2023-20569)
+cp %{SOURCE300} amd-ucode/
+%patch2 -p1
+
 # additional firmwares
 cat %{SOURCE1} >> WHENCE
 cp %{SOURCE2} %{SOURCE8} %{SOURCE9} %{SOURCE10} .
diff --git a/microcode_amd_fam19h.bin b/microcode_amd_fam19h.bin
new file mode 100644
index 0000000..75f580d
--- /dev/null
+++ b/microcode_amd_fam19h.bin
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cc026f66376a02a0833d399d05d90c0d9bd45c45982e2c9921a19be0c294ad67
+size 39172