Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Mageia 9 Microcode Update Critical Escalation Fix MGASA-2026-0043

mageia
Calendar Grey February 18, 2026
Dist Mageia Esm H88
Mageia updates microcode packages addressing security issues in Intel CPUs, critical for system integrity and access escalation.
MGASA-2026-0043 - Updated microcode packages fix security vulnerabilities

Summary

Description: The updated package updates AMD CPUs microcodes and fixes security vulnerabilities in Intel CPUs microcodes: Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24853) Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts. (C...

References

- https://bugs.mageia.org/show_bug.cgi?id=35130

- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260210-rev1

- https://www.cve.org/CVERecord?id=CVE-2024-24853

- https://www.cve.org/CVERecord?id=CVE-2025-31648

Resolution

SRPMS

- 9/nonfree/microcode-0.20260210-1.mga9.nonfree

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 18 Feb 2026
URL: https://advisories.mageia.org/MGASA-2026-0043.html
Type: security
CVE: CVE-2024-24853, CVE-2025-31648

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here