Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

SUSE: 2025:03053-1 Important ucode-intel Escalation Risk

suse
Calendar Grey September 2, 2025
Dist Suse Esm H88
Canonical issues patch for kernel vulnerabilities, enhancing security protocols for Ubuntu systems. This update necessitates prompt action from users.
* bsc#1248438 Cross-References: * CVE-2025-20053 * CVE-2025-20109

Summary

## This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20250812 release (bsc#1248438) * CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access. * CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access * CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.

References

* bsc#1248438

Cross-

* CVE-2025-20053

* CVE-2025-20109

* CVE-2025-22839

* CVE-2025-22840

* CVE-2025-22889

* CVE-2025-26403

* CVE-2025-32086

CVSS scores:

* CVE-2025-20053 ( SUSE ): 7.0

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-20053 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

* CVE-2025-20053 ( NVD ): 7.0

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-20053 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

* CVE-2025-20109 ( SUSE ): 7.3

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:03053-1
Release Date: 2025-09-02T17:42:28Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here