Updated microcode packages fix security vulnerabilities
Publication date: 10 Oct 2025
Modification date: 10 Oct 2025
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-20109, CVE-2025-22840, CVE-2025-22839, CVE-2025-20053, CVE-2025-24305, CVE-2025-21090, CVE-2025-26403, CVE-2025-32086
Description
The updated package updates the AMD CPU microcode for processor family 19h,
adds AMD CPU microcode for processor family 1ah, and fixes the following
security vulnerabilities in Intel processors:
- Improper Isolation or Compartmentalization in the stream cache mechanism
  for some Intel® Processors may allow an authenticated user to
  potentially enable escalation of privilege via local access.
  (CVE-2025-20109)
- Sequence of processor instructions leads to unexpected behavior for some
  Intel® Xeon® 6 Scalable processors may allow an authenticated user to
  potentially enable escalation of privilege via local access.
  (CVE-2025-22840)
- Insufficient granularity of access control in the OOB-MSM for some
  Intel® Xeon® 6 Scalable processors may allow a privileged user to
  potentially enable escalation of privilege via adjacent access.
  (CVE-2025-22839)
- Improper handling of overlap between protected memory ranges for some
  Intel® Xeon® 6 processor with Intel® TDX may allow a privileged user to
  potentially enable escalation of privilege via local access.
  (CVE-2025-22889)
- Improper buffer restrictions for some Intel® Xeon® Processor firmware
  with SGX enabled may allow a privileged user to potentially enable
  escalation of privilege via local access. (CVE-2025-20053)
- Insufficient control flow management in the Alias Checking Trusted
  Module (ACTM) firmware for some Intel® Xeon® processors may allow a
  privileged user to potentially enable escalation of privilege via local
  access. (CVE-2025-24305)
- Missing reference to active allocated resource for some Intel® Xeon®
  processors may allow an authenticated user to potentially enable denial
  of service via local access. (CVE-2025-21090)
- Out-of-bounds write in the memory subsystem for some Intel® Xeon® 6
  processors when using Intel® SGX or Intel® TDX may allow a privileged
  user to potentially enable escalation of privilege via local access.
  (CVE-2025-26403)
- Improperly implemented security check for standard in the DDRIO
  configuration for some Intel® Xeon® 6 Processors when using Intel® SGX
  or Intel® TDX may allow a privileged user to potentially enable
  escalation of privilege via local access. (CVE-2025-32086)
References
- https://bugs.mageia.org/show_bug.cgi?id=34629
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20109
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22840
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22839
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20053
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24305
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21090
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26403
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32086
SRPMS
9/nonfree
- microcode-0.20250812-1.mga9.nonfree
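Verification (added example, not part of the Mageia advisory or the microcode package): the script below checks an installed version-release string against the fixed one listed under SRPMS and summarises the microcode revision each logical CPU reports. The function names, the use of GNU `sort -V` as a stand-in for RPM version ordering, and the sample cpuinfo text are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not part of the Mageia advisory.
# Fixed version-release, taken from the advisory's SRPMS line.
FIXED_VR="0.20250812-1.mga9.nonfree"

# pkg_is_fixed VERSION-RELEASE: exit 0 if the argument sorts at or above FIXED_VR.
# Assumption: GNU `sort -V` is close enough to RPM ordering for these strings.
pkg_is_fixed() {
    lowest=$(printf '%s\n%s\n' "$FIXED_VR" "$1" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED_VR" ]
}

# cpu_microcode_summary: read /proc/cpuinfo text on stdin, print one line per
# distinct vendor/family/revision. The kernel prints "cpu family" in decimal,
# so it is converted to hex to match the advisory's 19h / 1ah naming.
cpu_microcode_summary() {
    awk -F'[ \t]*:[ \t]*' '
        $1 == "vendor_id"  { vendor = $2 }
        $1 == "cpu family" { family = sprintf("%xh", $2) }
        $1 == "microcode"  { seen[vendor " family=" family " rev=" $2]++ }
        END { for (k in seen) print k " cores=" seen[k] }
    ' | sort
}

# revisions_consistent: exit 0 only if every logical CPU reports the same revision.
revisions_consistent() {
    [ "$(cpu_microcode_summary | wc -l | tr -d ' ')" -eq 1 ]
}

# Constructed sample (revision value is made up), in /proc/cpuinfo layout.
SAMPLE_CPUINFO='processor : 0
vendor_id : AuthenticAMD
cpu family : 25
microcode : 0x0a000001
processor : 1
vendor_id : AuthenticAMD
cpu family : 25
microcode : 0x0a000001'

printf '%s\n' "$SAMPLE_CPUINFO" | cpu_microcode_summary

# On a Mageia 9 host, feed the real values instead:
#   pkg_is_fixed "$(rpm -q --qf '%{VERSION}-%{RELEASE}' microcode)" || echo "update microcode"
#   cpu_microcode_summary < /proc/cpuinfo
```

The package check only shows what is on disk; the revision in /proc/cpuinfo is what the CPU is actually running, and it changes only once the new microcode has been loaded, normally at the next boot.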