Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-20053 (GCVE-0-2025-20053)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2026-02-26 17:49
VLAI
EPSS
Summary
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
Severity
7.2 (High)
CWE
- Escalation of Privilege
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Xeon(R) Processor firmware with SGX enabled |
Affected:
See references
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T15:04:33.196160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:49:39.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T17:32:05.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Xeon(R) Processor firmware with SGX enabled",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-119",
"description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:03.436Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-20053",
"datePublished": "2025-08-12T16:58:03.436Z",
"dateReserved": "2025-01-16T04:00:23.817Z",
"dateUpdated": "2026-02-26T17:49:39.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-20053",
"date": "2026-05-25",
"epss": "0.00021",
"percentile": "0.06145"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-20053\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2025-08-12T17:15:28.280\",\"lastModified\":\"2025-11-03T18:15:49.050\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\"Las restricciones de b\u00fafer inadecuadas para algunos firmware de procesadores Intel(R) Xeon(R) con SGX habilitado pueden permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":5.8}]},\"weaknesses\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"references\":[{\"url\":\"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T17:32:05.343Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20053\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-12T18:24:39.885482Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-12T18:24:45.641Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) Xeon(R) Processor firmware with SGX enabled\", \"versions\": [{\"status\": \"affected\", \"version\": \"See references\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html\", \"name\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Escalation of Privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2025-08-12T16:58:03.436Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-20053\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T17:32:05.343Z\", \"dateReserved\": \"2025-01-16T04:00:23.817Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2025-08-12T16:58:03.436Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2025-AVI-0684
Vulnerability from certfr_avis - Published: 2025-08-13 - Updated: 2025-08-13
De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | les processeurs Intel | Processeur Intel Core de 8e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core de 13e génération sans les derniers correctifs de sécurité | ||
| Intel | N/A | AI Playground versions antérieures à v2.3.0 alpha | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel 700 sans les derniers correctifs de sécurité | ||
| Intel | N/A | QuickAssist Technology versions antérieures à 2.5.0 | ||
| Intel | les processeurs Intel | Processeur Intel Xeon W série 2200 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Silver de 5e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel 500 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core i9 14900 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Clock Jitter Tool versions antérieures à 6.0.1 | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Silver de 4e génération sans les derniers correctifs de sécurité | ||
| Intel | N/A | AI pour Enterprise Retrieval-augmented Generation versions antérieures à 1.1.0 | ||
| Intel | les processeurs Intel | Processeur Intel Xeon W série 2100 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core de 11e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel 600 sans les derniers correctifs de sécurité | ||
| Intel | N/A | DSA versions antérieures à 25.2.15.9 | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel C250 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Gold de 4e génération sans les derniers correctifs de sécurité | ||
| Intel | N/A | Pilotes Linux pour Intel 700 Series Ethernet versions antérieures à 2.28.5 | ||
| Intel | N/A | Module Trust Domain Extensions (TDX) pour les processeurs Xeon de 4e et 5e génération et pour les processeurs Xeon avec E-cores versions antérieures à 1.5.13 | ||
| Intel | N/A | Firmware package et LED mode toggle tool pour Intel PCIe Switch toutes versions | ||
| Intel | les processeurs Intel | Jeux de puces Intel 790 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Intel Pentium Gold (G54XXU) sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Famille de processeurs Intel Xeon E sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeurs Intel Core (Série 1) sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Scalable de 3e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces Intel X299 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel C240 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon W série 10000/1200 sans les derniers correctifs de sécurité | ||
| Intel | N/A | UEFI pour Intel Xeon 6 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Processeurs Intel Xeon sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Famille de processeurs Intel Celeron sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel C230 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Intel RealSense Dynamic Calibrator versions antérieures à 2.14.2.0 | ||
| Intel | les processeurs Intel | Processeur Intel Core de 10e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Scalable de 4e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Intel Celeron J4000/N4000 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Intel Pentium J4000/N4000 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Out of band management service module (OOB-MSM) pour les processeurs Xeon 6 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Intel Distribution pour Python versions antérieures à 2025.1.0 | ||
| Intel | les processeurs Intel | Processeurs Intel Xeon W2400 et W3400 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Famille de processeurs Intel Core de 13e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Celeron série 4000 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Intel Atom X E3900 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon W séries 2400 et 3400 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Gold de 5e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel C620 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur de la série Intel Xeon CPU Max (mémoire à haute bande passante HBM) sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Bronze de 4e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core série U sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeurs Intel Pentium et Celeron séries N et J sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core de 9e génération sans les derniers correctifs de sécurité | ||
| Intel | N/A | Intel oneAPI Toolkits sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Famille de processeurs Intel Pentium Gold sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core i9 13900 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Pilotes Linux pour Intel I350 Series Ethernet versions antérieures à 5.19.2 | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Platinum de 4e génération sans les derniers correctifs de sécurité | ||
| Intel | N/A | LMS versions antérieures à 2514.7.16.0 | ||
| Intel | les processeurs Intel | Processeur Intel Core série X sans les derniers correctifs de sécurité | ||
| Intel | N/A | PROSet/Wireless Wi-Fi versions antérieures à 23.110.0.5 | ||
| Intel | les processeurs Intel | Processeur Intel Xeon E sans les derniers correctifs de sécurité | ||
| Intel | N/A | Edge Orchestrator pour Intel Tiber Edge Platform pour AWS versions antérieures à 24.11.1 | ||
| Intel | les processeurs Intel | Intel Core 9 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Pilotes Linux pour Intel 800 Series Ethernet versions antérieures à 1.17.2 | ||
| Intel | les processeurs Intel | Processeur Intel Core i7 14700 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Bibliothèque TinyCBOR versions antérieures à 0.6.1 | ||
| Intel | les processeurs Intel | Processeurs Intel Core Ultra (Série 1) sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Platinum de 5e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Intel Atom P5000 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Intel Driver & Support Assistant versions antérieures à 24.6.49.8 | ||
| Intel | les processeurs Intel | Processeur Celeron série 6000 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Pilotes Graphics pour processeurs Intel Core de générations 7 à 10 et Intel Atom Pentium et Céléron versions antérieures à 31.0.101.2135 | ||
| Intel | N/A | Pilotes Graphics pour Arc et Iris Xe versions antérieures à 32.0.101.6737 | ||
| Intel | les processeurs Intel | Processeurs Intel Core (Série 2) sans les derniers correctifs de sécurité | ||
| Intel | N/A | Micrologiciel pour Intel E810 Ethernet NVM versions antérieures à 4.6 | ||
| Intel | les processeurs Intel | Série Intel Atom x6000E sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Celeron série G sans les derniers correctifs de sécurité | ||
| Intel | N/A | Pilotes Graphics pour Data Center GPU Flex versions antérieures à 32.0.101.6733 | ||
| Intel | N/A | Trace Analyzer and Collector toutes versions | ||
| Intel | les processeurs Intel | Série de processeurs Intel Pentium Gold sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel C620A sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon W série 1300 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon de 5e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core i9 13900E sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core i7 14701E sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon de 5e générationJeu de puces Intel C420 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core de 12e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeurs Intel Core i9 de 13e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Celeron série G sans les derniers correctifs de sécurité | ||
| Intel | N/A | Edger8r pour Intel Software Guard Extensions SDK (Intel SGX SDK) toutes versions | ||
| Intel | les processeurs Intel | Série de processeurs Intel Celeron J3000/N3000 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel C740 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Module Trust Domain Extensions (TDX) pour les processeurs Xeon 6 versions antérieures à 2.0.8 | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel 100 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Scalable de 5e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeurs Intel Xeon Scalable de 4e génération avec Intel vRAN sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel 300 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel 200 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core de 7e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Famille de processeurs Intel Core de 14e génération sans les derniers correctifs de sécurité | ||
| Intel | N/A | Device Plugins for Kubernetes versions antérieures à 0.32.0 | ||
| Intel | N/A | Connectivity Performance Suite versions antérieures à 40.24.11210 | ||
| Intel | les processeurs Intel | Jeux de puces Intel C420 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core i9 14901E sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core i9 14900HX sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Core de 6e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Jeux de puces de la série Intel 400 sans les derniers correctifs de sécurité | ||
| Intel | N/A | Trust Domain Extensions (TDX) versions antérieures à 1.5.07.00.774 | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Bronze de 5e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Intel Pentium J5000/N5000 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel série N sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Famille de processeurs Intel Core de 12e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Pentium Silver sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Celeron série N sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeurs Intel Core Ultra (Série 2) sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Processeur Intel Xeon Edge Enhanced de 4e génération sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de jeux de puces Intel C240 sans les derniers correctifs de sécurité | ||
| Intel | les processeurs Intel | Série de processeurs Pentium Gold sans les derniers correctifs de sécurité | ||
| Intel | N/A | Rapid Storage Technology versions antérieures à 20.2.1.1016 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Processeur Intel Core de 8e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core de 13e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "AI Playground versions ant\u00e9rieures \u00e0 v2.3.0 alpha",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel 700 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "QuickAssist Technology versions ant\u00e9rieures \u00e0 2.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon W s\u00e9rie 2200 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Silver de 5e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel 500 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core i9 14900 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Clock Jitter Tool versions ant\u00e9rieures \u00e0 6.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Silver de 4e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "AI pour Enterprise Retrieval-augmented Generation versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon W s\u00e9rie 2100 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core de 11e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel 600 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "DSA versions ant\u00e9rieures \u00e0 25.2.15.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel C250 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Gold de 4e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Pilotes Linux pour Intel 700 Series Ethernet versions ant\u00e9rieures \u00e0 2.28.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Module Trust Domain Extensions (TDX) pour les processeurs Xeon de 4e et 5e g\u00e9n\u00e9ration et pour les processeurs Xeon avec E-cores versions ant\u00e9rieures \u00e0 1.5.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Firmware package et LED mode toggle tool pour Intel PCIe Switch toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces Intel 790 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Pentium Gold (G54XXU) sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Famille de processeurs Intel Xeon E sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Core (S\u00e9rie 1) sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Scalable de 3e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces Intel X299 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel C240 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon W s\u00e9rie 10000/1200 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "UEFI pour Intel Xeon 6 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Xeon sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Famille de processeurs Intel Celeron sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel C230 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel RealSense Dynamic Calibrator versions ant\u00e9rieures \u00e0 2.14.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core de 10e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Scalable de 4e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Celeron J4000/N4000 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Pentium J4000/N4000 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Out of band management service module (OOB-MSM) pour les processeurs Xeon 6 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Distribution pour Python versions ant\u00e9rieures \u00e0 2025.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Xeon W2400 et W3400 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Famille de processeurs Intel Core de 13e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Celeron s\u00e9rie 4000 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Atom X E3900 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon W s\u00e9ries 2400 et 3400 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Gold de 5e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel C620 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur de la s\u00e9rie Intel Xeon CPU Max (m\u00e9moire \u00e0 haute bande passante HBM) sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Bronze de 4e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core s\u00e9rie U sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Pentium et Celeron s\u00e9ries N et J sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core de 9e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Toolkits sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Famille de processeurs Intel Pentium Gold sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core i9 13900 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Pilotes Linux pour Intel I350 Series Ethernet versions ant\u00e9rieures \u00e0 5.19.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Platinum de 4e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LMS versions ant\u00e9rieures \u00e0 2514.7.16.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core s\u00e9rie X sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "PROSet/Wireless Wi-Fi versions ant\u00e9rieures \u00e0 23.110.0.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon E sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Edge Orchestrator pour Intel Tiber Edge Platform pour AWS versions ant\u00e9rieures \u00e0 24.11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Core 9 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Pilotes Linux pour Intel 800 Series Ethernet versions ant\u00e9rieures \u00e0 1.17.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core i7 14700 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Biblioth\u00e8que TinyCBOR versions ant\u00e9rieures \u00e0 0.6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Core Ultra (S\u00e9rie 1) sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Platinum de 5e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Atom P5000 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Driver \u0026 Support Assistant versions ant\u00e9rieures \u00e0 24.6.49.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Celeron s\u00e9rie 6000 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Pilotes Graphics pour processeurs Intel Core de g\u00e9n\u00e9rations 7 \u00e0 10 et Intel Atom Pentium et C\u00e9l\u00e9ron versions ant\u00e9rieures \u00e0 31.0.101.2135",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Pilotes Graphics pour Arc et Iris Xe versions ant\u00e9rieures \u00e0 32.0.101.6737",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Core (S\u00e9rie 2) sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Micrologiciel pour Intel E810 Ethernet NVM versions ant\u00e9rieures \u00e0 4.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie Intel Atom x6000E sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Celeron s\u00e9rie G sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Pilotes Graphics pour Data Center GPU Flex versions ant\u00e9rieures \u00e0 32.0.101.6733",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Trace Analyzer and Collector toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Pentium Gold sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel C620A sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon W s\u00e9rie 1300 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon de 5e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core i9 13900E sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core i7 14701E sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon de 5e g\u00e9n\u00e9rationJeu de puces Intel C420 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core de 12e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Core i9 de 13e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Celeron s\u00e9rie G sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Edger8r pour Intel Software Guard Extensions SDK (Intel SGX SDK) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Celeron J3000/N3000 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel C740 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Module Trust Domain Extensions (TDX) pour les processeurs Xeon 6 versions ant\u00e9rieures \u00e0 2.0.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel 100 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Scalable de 5e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Xeon Scalable de 4e g\u00e9n\u00e9ration avec Intel vRAN sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel 300 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel 200 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core de 7e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Famille de processeurs Intel Core de 14e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Device Plugins for Kubernetes versions ant\u00e9rieures \u00e0 0.32.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Connectivity Performance Suite versions ant\u00e9rieures \u00e0 40.24.11210",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces Intel C420 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core i9 14901E sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core i9 14900HX sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Core de 6e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Jeux de puces de la s\u00e9rie Intel 400 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Trust Domain Extensions (TDX) versions ant\u00e9rieures \u00e0 1.5.07.00.774",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Bronze de 5e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Intel Pentium J5000/N5000 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel s\u00e9rie N sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Famille de processeurs Intel Core de 12e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Pentium Silver sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Celeron s\u00e9rie N sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Core Ultra (S\u00e9rie 2) sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeur Intel Xeon Edge Enhanced de 4e g\u00e9n\u00e9ration sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de jeux de puces Intel C240 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "S\u00e9rie de processeurs Pentium Gold sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "les processeurs Intel",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Rapid Storage Technology versions ant\u00e9rieures \u00e0 20.2.1.1016",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-20627",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20627"
},
{
"name": "CVE-2025-24523",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24523"
},
{
"name": "CVE-2025-24515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24515"
},
{
"name": "CVE-2025-20109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20109"
},
{
"name": "CVE-2025-20099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20099"
},
{
"name": "CVE-2025-25273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25273"
},
{
"name": "CVE-2025-24840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24840"
},
{
"name": "CVE-2024-33607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33607"
},
{
"name": "CVE-2025-26472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26472"
},
{
"name": "CVE-2025-20037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20037"
},
{
"name": "CVE-2025-26403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26403"
},
{
"name": "CVE-2025-26404",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26404"
},
{
"name": "CVE-2025-22392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22392"
},
{
"name": "CVE-2025-20093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20093"
},
{
"name": "CVE-2025-24923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24923"
},
{
"name": "CVE-2025-21090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21090"
},
{
"name": "CVE-2025-24835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24835"
},
{
"name": "CVE-2025-24302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24302"
},
{
"name": "CVE-2025-20613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20613"
},
{
"name": "CVE-2025-22839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22839"
},
{
"name": "CVE-2025-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24511"
},
{
"name": "CVE-2025-20092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20092"
},
{
"name": "CVE-2025-24303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24303"
},
{
"name": "CVE-2025-21093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21093"
},
{
"name": "CVE-2025-22853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22853"
},
{
"name": "CVE-2025-22889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22889"
},
{
"name": "CVE-2025-26470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26470"
},
{
"name": "CVE-2025-20067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20067"
},
{
"name": "CVE-2025-22840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22840"
},
{
"name": "CVE-2025-32004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32004"
},
{
"name": "CVE-2025-24484",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24484"
},
{
"name": "CVE-2025-20017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20017"
},
{
"name": "CVE-2025-24323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24323"
},
{
"name": "CVE-2025-27250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27250"
},
{
"name": "CVE-2025-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27537"
},
{
"name": "CVE-2025-20090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20090"
},
{
"name": "CVE-2025-21096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21096"
},
{
"name": "CVE-2025-20053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20053"
},
{
"name": "CVE-2025-27717",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27717"
},
{
"name": "CVE-2025-27576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27576"
},
{
"name": "CVE-2025-20077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20077"
},
{
"name": "CVE-2025-32086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32086"
},
{
"name": "CVE-2025-27559",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27559"
},
{
"name": "CVE-2025-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24921"
},
{
"name": "CVE-2025-26697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26697"
},
{
"name": "CVE-2025-22838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22838"
},
{
"name": "CVE-2025-26863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26863"
},
{
"name": "CVE-2025-24520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24520"
},
{
"name": "CVE-2025-20025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20025"
},
{
"name": "CVE-2025-20048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20048"
},
{
"name": "CVE-2025-22836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22836"
},
{
"name": "CVE-2025-20074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20074"
},
{
"name": "CVE-2025-27707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27707"
},
{
"name": "CVE-2025-24313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24313"
},
{
"name": "CVE-2025-22893",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22893"
},
{
"name": "CVE-2025-20044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20044"
},
{
"name": "CVE-2025-23241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23241"
},
{
"name": "CVE-2025-24325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24325"
},
{
"name": "CVE-2025-21086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21086"
},
{
"name": "CVE-2025-20087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20087"
},
{
"name": "CVE-2025-20625",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20625"
},
{
"name": "CVE-2025-24324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24324"
},
{
"name": "CVE-2025-24486",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24486"
},
{
"name": "CVE-2025-20023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20023"
},
{
"name": "CVE-2025-24296",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24296"
},
{
"name": "CVE-2025-24305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24305"
}
],
"initial_release_date": "2025-08-13T00:00:00",
"last_revision_date": "2025-08-13T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0684",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01316",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01316.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01296",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01347",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01347.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01335",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01329",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01329.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01280",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01280.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01257",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01257.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01342",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01342.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01313",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01192",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01192.html"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01300",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01300.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01245",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01245.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01310",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01383",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01383.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01318",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01318.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01308",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01321",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01321.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01339",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01339.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01317",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01317.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01311",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01292",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01292.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01285",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01285.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01367",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01345",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01345.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01266",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01266.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01286",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01286.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01301",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01301.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01338",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01338.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01299",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01299.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01352",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01352.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01249",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01298",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01298.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01312",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01312.html"
},
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01326",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01326.html"
}
]
}
CNVD-2025-21340
Vulnerability from cnvd - Published: 2025-09-15
VLAI
Title
Intel Xeon Processors权限提升漏洞(CNVD-2025-21340)
Description
Intel Xeon Processors是英特尔面向企业级服务器、工作站及高性能计算(HPC)市场推出的处理器系列,主要服务于数据中心、云计算、人工智能等领域。
Intel Xeon Processors存在权限提升漏洞,该漏洞源于缓冲区限制不当,目前没有详细的漏洞细节提供。
Severity
中
Patch Name
Intel Xeon Processors权限提升漏洞(CNVD-2025-21340)的补丁
Patch Description
Intel Xeon Processors是英特尔面向企业级服务器、工作站及高性能计算(HPC)市场推出的处理器系列,主要服务于数据中心、云计算、人工智能等领域。
Intel Xeon Processors存在权限提升漏洞,该漏洞源于缓冲区限制不当,目前没有详细的漏洞细节提供。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级程序修复该安全问题,详情见厂商官网: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-20053
Impacted products
| Name | Intel Xeon Processor |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-20053",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-20053"
}
},
"description": "Intel Xeon Processors\u662f\u82f1\u7279\u5c14\u9762\u5411\u4f01\u4e1a\u7ea7\u670d\u52a1\u5668\u3001\u5de5\u4f5c\u7ad9\u53ca\u9ad8\u6027\u80fd\u8ba1\u7b97\uff08HPC\uff09\u5e02\u573a\u63a8\u51fa\u7684\u5904\u7406\u5668\u7cfb\u5217\uff0c\u4e3b\u8981\u670d\u52a1\u4e8e\u6570\u636e\u4e2d\u5fc3\u3001\u4e91\u8ba1\u7b97\u3001\u4eba\u5de5\u667a\u80fd\u7b49\u9886\u57df\u3002\n\nIntel Xeon Processors\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f13\u51b2\u533a\u9650\u5236\u4e0d\u5f53\uff0c\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-21340",
"openTime": "2025-09-15",
"patchDescription": "Intel Xeon Processors\u662f\u82f1\u7279\u5c14\u9762\u5411\u4f01\u4e1a\u7ea7\u670d\u52a1\u5668\u3001\u5de5\u4f5c\u7ad9\u53ca\u9ad8\u6027\u80fd\u8ba1\u7b97\uff08HPC\uff09\u5e02\u573a\u63a8\u51fa\u7684\u5904\u7406\u5668\u7cfb\u5217\uff0c\u4e3b\u8981\u670d\u52a1\u4e8e\u6570\u636e\u4e2d\u5fc3\u3001\u4e91\u8ba1\u7b97\u3001\u4eba\u5de5\u667a\u80fd\u7b49\u9886\u57df\u3002\r\n\r\nIntel Xeon Processors\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f13\u51b2\u533a\u9650\u5236\u4e0d\u5f53\uff0c\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Intel Xeon Processors\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2025-21340\uff09\u7684\u8865\u4e01",
"products": {
"product": "Intel Xeon Processor"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-20053",
"serverity": "\u4e2d",
"submitTime": "2025-08-20",
"title": "Intel Xeon Processors\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2025-21340\uff09"
}
FKIE_CVE-2025-20053
Vulnerability from fkie_nvd - Published: 2025-08-12 17:15 - Updated: 2026-04-15 00:35
Severity
Summary
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Las restricciones de b\u00fafer inadecuadas para algunos firmware de procesadores Intel(R) Xeon(R) con SGX habilitado pueden permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2025-20053",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.8,
"source": "secure@intel.com",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2025-08-12T17:15:28.280",
"references": [
{
"source": "secure@intel.com",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "secure@intel.com",
"type": "Secondary"
}
]
}
GHSA-4H3Q-H7PR-48V4
Vulnerability from github – Published: 2025-08-12 18:31 – Updated: 2025-11-03 18:31
VLAI
Details
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
Severity
{
"affected": [],
"aliases": [
"CVE-2025-20053"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-12T17:15:28Z",
"severity": "HIGH"
},
"details": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GHSA-4h3q-h7pr-48v4",
"modified": "2025-11-03T18:31:32Z",
"published": "2025-08-12T18:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20053"
},
{
"type": "WEB",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
OPENSUSE-SU-2025:15491-1
Vulnerability from csaf_opensuse - Published: 2025-08-25 00:00 - Updated: 2025-08-25 00:00Summary
ucode-intel-20250812-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: ucode-intel-20250812-1.1 on GA media
Description of the patch: These are all security issues fixed in the ucode-intel-20250812-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15491
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.2 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.9 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2025-20053/ | self |
| https://www.suse.com/security/cve/CVE-2025-20109/ | self |
| https://www.suse.com/security/cve/CVE-2025-22839/ | self |
| https://www.suse.com/security/cve/CVE-2025-22840/ | self |
| https://www.suse.com/security/cve/CVE-2025-22889/ | self |
| https://www.suse.com/security/cve/CVE-2025-26403/ | self |
| https://www.suse.com/security/cve/CVE-2025-32086/ | self |
| https://www.suse.com/security/cve/CVE-2025-20053 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-20109 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22839 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22840 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22889 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-26403 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-32086 | external |
| https://bugzilla.suse.com/1248438 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ucode-intel-20250812-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ucode-intel-20250812-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15491",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15491-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26403 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32086/"
}
],
"title": "ucode-intel-20250812-1.1 on GA media",
"tracking": {
"current_release_date": "2025-08-25T00:00:00Z",
"generator": {
"date": "2025-08-25T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15491-1",
"initial_release_date": "2025-08-25T00:00:00Z",
"revision_history": [
{
"date": "2025-08-25T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-1.1.aarch64",
"product": {
"name": "ucode-intel-20250812-1.1.aarch64",
"product_id": "ucode-intel-20250812-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-1.1.ppc64le",
"product": {
"name": "ucode-intel-20250812-1.1.ppc64le",
"product_id": "ucode-intel-20250812-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-1.1.s390x",
"product": {
"name": "ucode-intel-20250812-1.1.s390x",
"product_id": "ucode-intel-20250812-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-1.1.x86_64",
"product": {
"name": "ucode-intel-20250812-1.1.x86_64",
"product_id": "ucode-intel-20250812-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64"
},
"product_reference": "ucode-intel-20250812-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le"
},
"product_reference": "ucode-intel-20250812-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x"
},
"product_reference": "ucode-intel-20250812-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
},
"product_reference": "ucode-intel-20250812-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20053"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20053",
"url": "https://www.suse.com/security/cve/CVE-2025-20053"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20053",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-20053"
},
{
"cve": "CVE-2025-20109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20109"
}
],
"notes": [
{
"category": "general",
"text": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20109",
"url": "https://www.suse.com/security/cve/CVE-2025-20109"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20109",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-20109"
},
{
"cve": "CVE-2025-22839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22839"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22839",
"url": "https://www.suse.com/security/cve/CVE-2025-22839"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22839",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22839"
},
{
"cve": "CVE-2025-22840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22840"
}
],
"notes": [
{
"category": "general",
"text": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22840",
"url": "https://www.suse.com/security/cve/CVE-2025-22840"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22840",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22840"
},
{
"cve": "CVE-2025-22889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22889"
}
],
"notes": [
{
"category": "general",
"text": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22889",
"url": "https://www.suse.com/security/cve/CVE-2025-22889"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22889",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22889"
},
{
"cve": "CVE-2025-26403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26403"
}
],
"notes": [
{
"category": "general",
"text": "Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26403",
"url": "https://www.suse.com/security/cve/CVE-2025-26403"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-26403",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-26403"
},
{
"cve": "CVE-2025-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32086"
}
],
"notes": [
{
"category": "general",
"text": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32086",
"url": "https://www.suse.com/security/cve/CVE-2025-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-32086",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.aarch64",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.ppc64le",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.s390x",
"openSUSE Tumbleweed:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-32086"
}
]
}
SUSE-SU-2025:03052-1
Vulnerability from csaf_suse - Published: 2025-09-02 17:41 - Updated: 2025-09-02 17:41Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
Patchnames: SUSE-2025-3052,SUSE-SLE-SERVER-12-SP5-LTSS-2025-3052,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3052
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.2 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.9 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1248438 | self |
| https://www.suse.com/security/cve/CVE-2025-20053/ | self |
| https://www.suse.com/security/cve/CVE-2025-20109/ | self |
| https://www.suse.com/security/cve/CVE-2025-22839/ | self |
| https://www.suse.com/security/cve/CVE-2025-22840/ | self |
| https://www.suse.com/security/cve/CVE-2025-22889/ | self |
| https://www.suse.com/security/cve/CVE-2025-26403/ | self |
| https://www.suse.com/security/cve/CVE-2025-32086/ | self |
| https://www.suse.com/security/cve/CVE-2025-20053 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-20109 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22839 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22840 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22889 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-26403 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-32086 | external |
| https://bugzilla.suse.com/1248438 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)\n - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access\n - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.\n - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - Update for functional issues. \n - Updated Platforms:\n \n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5\n | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6\n | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6\n | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx\n | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3\n | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor\n | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core\u2122 Ultra Processor\n | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13\n | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13\n | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max\n | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores\n \n New Disclosures Updated in Prior Releases:\n All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3052,SUSE-SLE-SERVER-12-SP5-LTSS-2025-3052,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3052",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03052-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03052-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503052-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03052-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041495.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248438",
"url": "https://bugzilla.suse.com/1248438"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26403 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32086/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2025-09-02T17:41:10Z",
"generator": {
"date": "2025-09-02T17:41:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03052-1",
"initial_release_date": "2025-09-02T17:41:10Z",
"revision_history": [
{
"date": "2025-09-02T17:41:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-155.1.i586",
"product": {
"name": "ucode-intel-20250812-155.1.i586",
"product_id": "ucode-intel-20250812-155.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-155.1.x86_64",
"product": {
"name": "ucode-intel-20250812-155.1.x86_64",
"product_id": "ucode-intel-20250812-155.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-155.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64"
},
"product_reference": "ucode-intel-20250812-155.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-155.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
},
"product_reference": "ucode-intel-20250812-155.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20053"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20053",
"url": "https://www.suse.com/security/cve/CVE-2025-20053"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20053",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:41:10Z",
"details": "important"
}
],
"title": "CVE-2025-20053"
},
{
"cve": "CVE-2025-20109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20109"
}
],
"notes": [
{
"category": "general",
"text": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20109",
"url": "https://www.suse.com/security/cve/CVE-2025-20109"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20109",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:41:10Z",
"details": "important"
}
],
"title": "CVE-2025-20109"
},
{
"cve": "CVE-2025-22839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22839"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22839",
"url": "https://www.suse.com/security/cve/CVE-2025-22839"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22839",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:41:10Z",
"details": "important"
}
],
"title": "CVE-2025-22839"
},
{
"cve": "CVE-2025-22840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22840"
}
],
"notes": [
{
"category": "general",
"text": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22840",
"url": "https://www.suse.com/security/cve/CVE-2025-22840"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22840",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:41:10Z",
"details": "important"
}
],
"title": "CVE-2025-22840"
},
{
"cve": "CVE-2025-22889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22889"
}
],
"notes": [
{
"category": "general",
"text": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22889",
"url": "https://www.suse.com/security/cve/CVE-2025-22889"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22889",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:41:10Z",
"details": "important"
}
],
"title": "CVE-2025-22889"
},
{
"cve": "CVE-2025-26403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26403"
}
],
"notes": [
{
"category": "general",
"text": "Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26403",
"url": "https://www.suse.com/security/cve/CVE-2025-26403"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-26403",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:41:10Z",
"details": "important"
}
],
"title": "CVE-2025-26403"
},
{
"cve": "CVE-2025-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32086"
}
],
"notes": [
{
"category": "general",
"text": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32086",
"url": "https://www.suse.com/security/cve/CVE-2025-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-32086",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:ucode-intel-20250812-155.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ucode-intel-20250812-155.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:41:10Z",
"details": "important"
}
],
"title": "CVE-2025-32086"
}
]
}
SUSE-SU-2025:03053-1
Vulnerability from csaf_suse - Published: 2025-09-02 17:42 - Updated: 2025-09-02 17:42Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
Patchnames: SUSE-2025-3053,SUSE-SLE-Micro-5.3-2025-3053,SUSE-SLE-Micro-5.4-2025-3053,SUSE-SLE-Micro-5.5-2025-3053,SUSE-SLE-Module-Basesystem-15-SP6-2025-3053,SUSE-SLE-Module-Basesystem-15-SP7-2025-3053,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3053,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3053,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3053,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3053,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3053,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3053,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3053,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3053,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3053,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3053,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3053,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3053,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3053,SUSE-SUSE-MicroOS-5.1-2025-3053,SUSE-SUSE-MicroOS-5.2-2025-3053,SUSE-Storage-7.1-2025-3053,openSUSE-SLE-15.6-2025-3053
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.2 (High)
Affected products
Recommended
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.9 (High)
Affected products
Recommended
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1248438 | self |
| https://www.suse.com/security/cve/CVE-2025-20053/ | self |
| https://www.suse.com/security/cve/CVE-2025-20109/ | self |
| https://www.suse.com/security/cve/CVE-2025-22839/ | self |
| https://www.suse.com/security/cve/CVE-2025-22840/ | self |
| https://www.suse.com/security/cve/CVE-2025-22889/ | self |
| https://www.suse.com/security/cve/CVE-2025-26403/ | self |
| https://www.suse.com/security/cve/CVE-2025-32086/ | self |
| https://www.suse.com/security/cve/CVE-2025-20053 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-20109 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22839 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22840 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22889 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-26403 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-32086 | external |
| https://bugzilla.suse.com/1248438 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)\n - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access\n - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.\n - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - Update for functional issues.\n - Updated Platforms:\n\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5\n | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6\n | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6\n | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx\n | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3\n | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor\n | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core\u2122 Ultra Processor\n | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13\n | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13\n | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max\n | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores\n \n New Disclosures Updated in Prior Releases:\n All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3053,SUSE-SLE-Micro-5.3-2025-3053,SUSE-SLE-Micro-5.4-2025-3053,SUSE-SLE-Micro-5.5-2025-3053,SUSE-SLE-Module-Basesystem-15-SP6-2025-3053,SUSE-SLE-Module-Basesystem-15-SP7-2025-3053,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3053,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3053,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3053,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3053,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3053,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3053,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3053,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3053,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3053,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3053,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3053,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3053,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3053,SUSE-SUSE-MicroOS-5.1-2025-3053,SUSE-SUSE-MicroOS-5.2-2025-3053,SUSE-Storage-7.1-2025-3053,openSUSE-SLE-15.6-2025-3053",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03053-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03053-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503053-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03053-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041494.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248438",
"url": "https://bugzilla.suse.com/1248438"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26403 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32086/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2025-09-02T17:42:12Z",
"generator": {
"date": "2025-09-02T17:42:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03053-1",
"initial_release_date": "2025-09-02T17:42:12Z",
"revision_history": [
{
"date": "2025-09-02T17:42:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-150200.59.1.i586",
"product": {
"name": "ucode-intel-20250812-150200.59.1.i586",
"product_id": "ucode-intel-20250812-150200.59.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-150200.59.1.x86_64",
"product": {
"name": "ucode-intel-20250812-150200.59.1.x86_64",
"product_id": "ucode-intel-20250812-150200.59.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy LTS 4.3",
"product": {
"name": "SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server LTS 4.3",
"product": {
"name": "SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-150200.59.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
},
"product_reference": "ucode-intel-20250812-150200.59.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20053"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20053",
"url": "https://www.suse.com/security/cve/CVE-2025-20053"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20053",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:42:12Z",
"details": "important"
}
],
"title": "CVE-2025-20053"
},
{
"cve": "CVE-2025-20109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20109"
}
],
"notes": [
{
"category": "general",
"text": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20109",
"url": "https://www.suse.com/security/cve/CVE-2025-20109"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20109",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:42:12Z",
"details": "important"
}
],
"title": "CVE-2025-20109"
},
{
"cve": "CVE-2025-22839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22839"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22839",
"url": "https://www.suse.com/security/cve/CVE-2025-22839"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22839",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:42:12Z",
"details": "important"
}
],
"title": "CVE-2025-22839"
},
{
"cve": "CVE-2025-22840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22840"
}
],
"notes": [
{
"category": "general",
"text": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22840",
"url": "https://www.suse.com/security/cve/CVE-2025-22840"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22840",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:42:12Z",
"details": "important"
}
],
"title": "CVE-2025-22840"
},
{
"cve": "CVE-2025-22889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22889"
}
],
"notes": [
{
"category": "general",
"text": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22889",
"url": "https://www.suse.com/security/cve/CVE-2025-22889"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22889",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:42:12Z",
"details": "important"
}
],
"title": "CVE-2025-22889"
},
{
"cve": "CVE-2025-26403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26403"
}
],
"notes": [
{
"category": "general",
"text": "Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26403",
"url": "https://www.suse.com/security/cve/CVE-2025-26403"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-26403",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:42:12Z",
"details": "important"
}
],
"title": "CVE-2025-26403"
},
{
"cve": "CVE-2025-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32086"
}
],
"notes": [
{
"category": "general",
"text": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32086",
"url": "https://www.suse.com/security/cve/CVE-2025-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-32086",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Proxy LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"SUSE Manager Server LTS 4.3:ucode-intel-20250812-150200.59.1.x86_64",
"openSUSE Leap 15.6:ucode-intel-20250812-150200.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-02T17:42:12Z",
"details": "important"
}
],
"title": "CVE-2025-32086"
}
]
}
SUSE-SU-2025:03116-1
Vulnerability from csaf_suse - Published: 2025-09-09 10:57 - Updated: 2025-09-09 10:57Summary
Security update for microcode_ctl
Severity
Important
Notes
Title of the patch: Security update for microcode_ctl
Description of the patch: This update for microcode_ctl fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
Patchnames: SUSE-2025-3116,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-3116
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.9 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1248438 | self |
| https://www.suse.com/security/cve/CVE-2025-20053/ | self |
| https://www.suse.com/security/cve/CVE-2025-20109/ | self |
| https://www.suse.com/security/cve/CVE-2025-22839/ | self |
| https://www.suse.com/security/cve/CVE-2025-22840/ | self |
| https://www.suse.com/security/cve/CVE-2025-22889/ | self |
| https://www.suse.com/security/cve/CVE-2025-26403/ | self |
| https://www.suse.com/security/cve/CVE-2025-32086/ | self |
| https://www.suse.com/security/cve/CVE-2025-20053 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-20109 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22839 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22840 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22889 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-26403 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-32086 | external |
| https://bugzilla.suse.com/1248438 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for microcode_ctl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for microcode_ctl fixes the following issues:\n\n- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)\n - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access\n - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.\n - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - Update for functional issues. \n - Updated Platforms:\n\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5\n | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6\n | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6\n | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx\n | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3\n | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor\n | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core\u2122 Ultra Processor\n | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13\n | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13\n | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max\n | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores\n \n New Disclosures Updated in Prior Releases:\n All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3116,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-3116",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03116-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03116-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503116-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03116-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041549.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248438",
"url": "https://bugzilla.suse.com/1248438"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26403 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32086/"
}
],
"title": "Security update for microcode_ctl",
"tracking": {
"current_release_date": "2025-09-09T10:57:16Z",
"generator": {
"date": "2025-09-09T10:57:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03116-1",
"initial_release_date": "2025-09-09T10:57:16Z",
"revision_history": [
{
"date": "2025-09-09T10:57:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.87.1.i586",
"product": {
"name": "microcode_ctl-1.17-102.83.87.1.i586",
"product_id": "microcode_ctl-1.17-102.83.87.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.87.1.x86_64",
"product": {
"name": "microcode_ctl-1.17-102.83.87.1.x86_64",
"product_id": "microcode_ctl-1.17-102.83.87.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.87.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
},
"product_reference": "microcode_ctl-1.17-102.83.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20053"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20053",
"url": "https://www.suse.com/security/cve/CVE-2025-20053"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20053",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:57:16Z",
"details": "important"
}
],
"title": "CVE-2025-20053"
},
{
"cve": "CVE-2025-20109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20109"
}
],
"notes": [
{
"category": "general",
"text": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20109",
"url": "https://www.suse.com/security/cve/CVE-2025-20109"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20109",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:57:16Z",
"details": "important"
}
],
"title": "CVE-2025-20109"
},
{
"cve": "CVE-2025-22839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22839"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22839",
"url": "https://www.suse.com/security/cve/CVE-2025-22839"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22839",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:57:16Z",
"details": "important"
}
],
"title": "CVE-2025-22839"
},
{
"cve": "CVE-2025-22840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22840"
}
],
"notes": [
{
"category": "general",
"text": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22840",
"url": "https://www.suse.com/security/cve/CVE-2025-22840"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22840",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:57:16Z",
"details": "important"
}
],
"title": "CVE-2025-22840"
},
{
"cve": "CVE-2025-22889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22889"
}
],
"notes": [
{
"category": "general",
"text": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22889",
"url": "https://www.suse.com/security/cve/CVE-2025-22889"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22889",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:57:16Z",
"details": "important"
}
],
"title": "CVE-2025-22889"
},
{
"cve": "CVE-2025-26403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26403"
}
],
"notes": [
{
"category": "general",
"text": "Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26403",
"url": "https://www.suse.com/security/cve/CVE-2025-26403"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-26403",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:57:16Z",
"details": "important"
}
],
"title": "CVE-2025-26403"
},
{
"cve": "CVE-2025-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32086"
}
],
"notes": [
{
"category": "general",
"text": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32086",
"url": "https://www.suse.com/security/cve/CVE-2025-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-32086",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:microcode_ctl-1.17-102.83.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:57:16Z",
"details": "important"
}
],
"title": "CVE-2025-32086"
}
]
}
SUSE-SU-2025:20691-1
Vulnerability from csaf_suse - Published: 2025-09-09 10:18 - Updated: 2025-09-09 10:18Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
Patchnames: SUSE-SLE-Micro-6.1-255
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.9 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1248438 | self |
| https://www.suse.com/security/cve/CVE-2025-20053/ | self |
| https://www.suse.com/security/cve/CVE-2025-20109/ | self |
| https://www.suse.com/security/cve/CVE-2025-22839/ | self |
| https://www.suse.com/security/cve/CVE-2025-22840/ | self |
| https://www.suse.com/security/cve/CVE-2025-22889/ | self |
| https://www.suse.com/security/cve/CVE-2025-26403/ | self |
| https://www.suse.com/security/cve/CVE-2025-32086/ | self |
| https://www.suse.com/security/cve/CVE-2025-20053 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-20109 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22839 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22840 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22889 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-26403 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-32086 | external |
| https://bugzilla.suse.com/1248438 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)\n - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access\n - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.\n - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - Update for functional issues.\n - Updated Platforms:\n\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5\n | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6\n | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6\n | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx\n | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3\n | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor\n | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core\u2122 Ultra Processor\n | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13\n | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13\n | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max\n | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores\n\n New Disclosures Updated in Prior Releases:\n All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-255",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20691-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20691-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520691-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20691-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041609.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248438",
"url": "https://bugzilla.suse.com/1248438"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26403 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32086/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2025-09-09T10:18:48Z",
"generator": {
"date": "2025-09-09T10:18:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20691-1",
"initial_release_date": "2025-09-09T10:18:48Z",
"revision_history": [
{
"date": "2025-09-09T10:18:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-slfo.1.1_1.1.x86_64",
"product": {
"name": "ucode-intel-20250812-slfo.1.1_1.1.x86_64",
"product_id": "ucode-intel-20250812-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
},
"product_reference": "ucode-intel-20250812-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20053"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20053",
"url": "https://www.suse.com/security/cve/CVE-2025-20053"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20053",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:18:48Z",
"details": "important"
}
],
"title": "CVE-2025-20053"
},
{
"cve": "CVE-2025-20109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20109"
}
],
"notes": [
{
"category": "general",
"text": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20109",
"url": "https://www.suse.com/security/cve/CVE-2025-20109"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20109",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:18:48Z",
"details": "important"
}
],
"title": "CVE-2025-20109"
},
{
"cve": "CVE-2025-22839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22839"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22839",
"url": "https://www.suse.com/security/cve/CVE-2025-22839"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22839",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:18:48Z",
"details": "important"
}
],
"title": "CVE-2025-22839"
},
{
"cve": "CVE-2025-22840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22840"
}
],
"notes": [
{
"category": "general",
"text": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22840",
"url": "https://www.suse.com/security/cve/CVE-2025-22840"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22840",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:18:48Z",
"details": "important"
}
],
"title": "CVE-2025-22840"
},
{
"cve": "CVE-2025-22889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22889"
}
],
"notes": [
{
"category": "general",
"text": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22889",
"url": "https://www.suse.com/security/cve/CVE-2025-22889"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22889",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:18:48Z",
"details": "important"
}
],
"title": "CVE-2025-22889"
},
{
"cve": "CVE-2025-26403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26403"
}
],
"notes": [
{
"category": "general",
"text": "Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26403",
"url": "https://www.suse.com/security/cve/CVE-2025-26403"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-26403",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:18:48Z",
"details": "important"
}
],
"title": "CVE-2025-26403"
},
{
"cve": "CVE-2025-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32086"
}
],
"notes": [
{
"category": "general",
"text": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32086",
"url": "https://www.suse.com/security/cve/CVE-2025-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-32086",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:ucode-intel-20250812-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-09T10:18:48Z",
"details": "important"
}
],
"title": "CVE-2025-32086"
}
]
}
SUSE-SU-2025:20715-1
Vulnerability from csaf_suse - Published: 2025-09-12 08:42 - Updated: 2025-09-12 08:42Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
Patchnames: SUSE-SLE-Micro-6.0-458
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.9 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2025… | self |
| https://bugzilla.suse.com/1248438 | self |
| https://www.suse.com/security/cve/CVE-2025-20053/ | self |
| https://www.suse.com/security/cve/CVE-2025-20109/ | self |
| https://www.suse.com/security/cve/CVE-2025-22839/ | self |
| https://www.suse.com/security/cve/CVE-2025-22840/ | self |
| https://www.suse.com/security/cve/CVE-2025-22889/ | self |
| https://www.suse.com/security/cve/CVE-2025-26403/ | self |
| https://www.suse.com/security/cve/CVE-2025-32086/ | self |
| https://www.suse.com/security/cve/CVE-2025-20053 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-20109 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22839 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22840 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-22889 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-26403 | external |
| https://bugzilla.suse.com/1248438 | external |
| https://www.suse.com/security/cve/CVE-2025-32086 | external |
| https://bugzilla.suse.com/1248438 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)\n - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access\n - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.\n - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - Update for functional issues.\n - Updated Platforms:\n\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5\n | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6\n | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6\n | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx\n | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3\n | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor\n | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core\u2122 Ultra Processor\n | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13\n | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13\n | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max\n | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores\n\n New Disclosures Updated in Prior Releases:\n All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-458",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20715-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20715-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520715-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20715-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041739.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248438",
"url": "https://bugzilla.suse.com/1248438"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-26403 page",
"url": "https://www.suse.com/security/cve/CVE-2025-26403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32086/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2025-09-12T08:42:10Z",
"generator": {
"date": "2025-09-12T08:42:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20715-1",
"initial_release_date": "2025-09-12T08:42:10Z",
"revision_history": [
{
"date": "2025-09-12T08:42:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20250812-1.1.x86_64",
"product": {
"name": "ucode-intel-20250812-1.1.x86_64",
"product_id": "ucode-intel-20250812-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20250812-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
},
"product_reference": "ucode-intel-20250812-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20053"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20053",
"url": "https://www.suse.com/security/cve/CVE-2025-20053"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20053",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-12T08:42:10Z",
"details": "important"
}
],
"title": "CVE-2025-20053"
},
{
"cve": "CVE-2025-20109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20109"
}
],
"notes": [
{
"category": "general",
"text": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20109",
"url": "https://www.suse.com/security/cve/CVE-2025-20109"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-20109",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-12T08:42:10Z",
"details": "important"
}
],
"title": "CVE-2025-20109"
},
{
"cve": "CVE-2025-22839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22839"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22839",
"url": "https://www.suse.com/security/cve/CVE-2025-22839"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22839",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-12T08:42:10Z",
"details": "important"
}
],
"title": "CVE-2025-22839"
},
{
"cve": "CVE-2025-22840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22840"
}
],
"notes": [
{
"category": "general",
"text": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22840",
"url": "https://www.suse.com/security/cve/CVE-2025-22840"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22840",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-12T08:42:10Z",
"details": "important"
}
],
"title": "CVE-2025-22840"
},
{
"cve": "CVE-2025-22889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22889"
}
],
"notes": [
{
"category": "general",
"text": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22889",
"url": "https://www.suse.com/security/cve/CVE-2025-22889"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-22889",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-12T08:42:10Z",
"details": "important"
}
],
"title": "CVE-2025-22889"
},
{
"cve": "CVE-2025-26403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-26403"
}
],
"notes": [
{
"category": "general",
"text": "Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-26403",
"url": "https://www.suse.com/security/cve/CVE-2025-26403"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-26403",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-12T08:42:10Z",
"details": "important"
}
],
"title": "CVE-2025-26403"
},
{
"cve": "CVE-2025-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32086"
}
],
"notes": [
{
"category": "general",
"text": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32086",
"url": "https://www.suse.com/security/cve/CVE-2025-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1248438 for CVE-2025-32086",
"url": "https://bugzilla.suse.com/1248438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-12T08:42:10Z",
"details": "important"
}
],
"title": "CVE-2025-32086"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…