Mageia 9: 2025-0160 moderate risk of microcode info leak and DOS attack
mageia
May 23, 2025
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel® Processors may allow an authenticated user to potentially en...
Summary
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-28956) Insufficient resource pool in the core management mechanism for some Intel® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-20103) Uncaught exception in the core management mechanism for some Intel® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-20054) Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom® processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2024-43420) Exposure of sensitive information caused by shared microarchitectural predictor state that influenc...
Read the Full AdvisoryReferences
- https://bugs.mageia.org/show_bug.cgi?id=34279
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250512
- https://www.cve.org/CVERecord?id=CVE-2024-28956
- https://www.cve.org/CVERecord?id=CVE-2025-20103
- https://www.cve.org/CVERecord?id=CVE-2025-20054
- https://www.cve.org/CVERecord?id=CVE-2024-43420
- https://www.cve.org/CVERecord?id=CVE-2025-20623
- https://www.cve.org/CVERecord?id=CVE-2024-45332
- https://www.cve.org/CVERecord?id=CVE-2025-24495
- https://www.cve.org/CVERecord?id=CVE-2025-20012
Resolution
SRPMS
- 9/nonfree/microcode-0.20250512-1.mga9.nonfree
PREVIOUS
NEXT
Publication date: 23 May 2025
URL: https://advisories.mageia.org/MGASA-2025-0160.html
Type: security
CVE: CVE-2024-28956,
CVE-2025-20103,
CVE-2025-20054,
CVE-2024-43420,
CVE-2025-20623,
CVE-2024-45332,
CVE-2025-24495,
CVE-2025-20012
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!