Vulnerability-Lookup

CVE-2025-32086 (GCVE-0-2025-32086)

Vulnerability from cvelistv5 – Published: 2025-08-12 16:59 – Updated: 2026-02-26 17:49

Summary

Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

Severity

7.2 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

CWE

Escalation of Privilege
CWE-358 - Improperly Implemented Security Check for Standard

Assigner

intel

References

1 reference

URL	Tags
https://intel.com/content/www/us/en/security-cent…

Impacted products

1 product

Vendor	Product	Version
n/a	Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX	Affected: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32086",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T15:04:21.323278Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:25.134Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:32:29.530Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-358",
              "description": "Improperly Implemented Security Check for Standard",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T16:59:38.650Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2025-32086",
    "datePublished": "2025-08-12T16:59:38.650Z",
    "dateReserved": "2025-04-04T03:00:34.367Z",
    "dateUpdated": "2026-02-26T17:49:25.134Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-32086",
      "date": "2026-05-30",
      "epss": "0.00025",
      "percentile": "0.07634"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-32086\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2025-08-12T17:15:38.690\",\"lastModified\":\"2025-11-03T18:15:54.380\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\"Una verificaci\u00f3n de seguridad implementada incorrectamente para el est\u00e1ndar en la configuraci\u00f3n DDRIO para algunos procesadores Intel(R) Xeon(R) 6 al usar Intel(R) SGX o Intel(R) TDX puede permitir que un usuario privilegiado potencialmente habilite la escalada de privilegios a trav\u00e9s del acceso local.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":4.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":5.8}]},\"weaknesses\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-358\"}]}],\"references\":[{\"url\":\"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T17:32:29.530Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-32086\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-13T15:04:21.323278Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-13T18:57:24.071Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX\", \"versions\": [{\"status\": \"affected\", \"version\": \"See references\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html\", \"name\": \"https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Escalation of Privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-358\", \"description\": \"Improperly Implemented Security Check for Standard\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2025-08-12T16:59:38.650Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-32086\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T17:32:29.530Z\", \"dateReserved\": \"2025-04-04T03:00:34.367Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2025-08-12T16:59:38.650Z\", \"assignerShortName\": \"intel\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

SUSE-SU-2025:20715-1

Vulnerability from csaf_suse - Published: 2025-09-12 08:42 - Updated: 2025-09-12 08:42

Summary

Security update for ucode-intel

Severity

Important

Notes

Title of the patch: Security update for ucode-intel

Description of the patch: This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20250812 release (bsc#1248438) - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access. - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - Update for functional issues. - Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2) | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2) | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5 | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6 | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6 | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3 | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13 | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4 | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores New Disclosures Updated in Prior Releases: All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.

Patchnames: SUSE-SLE-Micro-6.0-458

CVE-2025-20053

7.2 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Affected products

Recommended 1 product

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2025-20109

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 1 product

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2025-22839

7.5 (High)


                        
                          CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

Affected products

Recommended 1 product

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2025-22840

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

Affected products

Recommended 1 product

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2025-22889

7.9 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

Affected products

Recommended 1 product

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2025-26403

7.2 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Affected products

Recommended 1 product

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2025-32086

7.2 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Affected products

Recommended 1 product

Product	Identifier	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64		—	Vendor Fix

Threats

Impact important

References

26 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2025…	self
https://bugzilla.suse.com/1248438	self
https://www.suse.com/security/cve/CVE-2025-20053/	self
https://www.suse.com/security/cve/CVE-2025-20109/	self
https://www.suse.com/security/cve/CVE-2025-22839/	self
https://www.suse.com/security/cve/CVE-2025-22840/	self
https://www.suse.com/security/cve/CVE-2025-22889/	self
https://www.suse.com/security/cve/CVE-2025-26403/	self
https://www.suse.com/security/cve/CVE-2025-32086/	self
https://www.suse.com/security/cve/CVE-2025-20053	external
https://bugzilla.suse.com/1248438	external
https://www.suse.com/security/cve/CVE-2025-20109	external
https://bugzilla.suse.com/1248438	external
https://www.suse.com/security/cve/CVE-2025-22839	external
https://bugzilla.suse.com/1248438	external
https://www.suse.com/security/cve/CVE-2025-22840	external
https://bugzilla.suse.com/1248438	external
https://www.suse.com/security/cve/CVE-2025-22889	external
https://bugzilla.suse.com/1248438	external
https://www.suse.com/security/cve/CVE-2025-26403	external
https://bugzilla.suse.com/1248438	external
https://www.suse.com/security/cve/CVE-2025-32086	external
https://bugzilla.suse.com/1248438	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for ucode-intel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)\n     - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n     - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access\n     - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.\n     - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n     - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\n     - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n     - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n     - Update for functional issues.\n     - Updated Platforms:\n\n  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products\n  |:---------------|:---------|:------------|:---------|:---------|:---------\n  | ARL-H          | A1       | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n  | ARL-S/HX (8P)  | B0       | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n  | EMR-SP         | A1       | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5\n  | GNR-AP/SP      | B0       | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6\n  | GNR-AP/SP      | H0       | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6\n  | ICL-D          | B0       | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx\n  | ICX-SP         | Dx/M1    | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3\n  | LNL            | B0       | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor\n  | MTL            | C0       | 06-aa-04/e6 | 00000024 | 00000025 | Core\u2122 Ultra Processor\n  | RPL-H/P/PX 6+8 | J0       | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13\n  | RPL-U 2+8      | Q0       | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13\n  | SPR-HBM        | Bx       | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max\n  | SPR-SP         | E4/S2    | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n  | SPR-SP         | E5/S3    | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n  | SRF-SP         | C0       | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores\n\n  New Disclosures Updated in Prior Releases:\n  All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-458",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20715-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20715-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520715-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20715-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041739.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1248438",
        "url": "https://bugzilla.suse.com/1248438"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-20053 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-20053/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-20109 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-20109/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22839 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22839/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22840 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22840/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-22889 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-22889/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-26403 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-26403/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32086 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32086/"
      }
    ],
    "title": "Security update for ucode-intel",
    "tracking": {
      "current_release_date": "2025-09-12T08:42:10Z",
      "generator": {
        "date": "2025-09-12T08:42:10Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20715-1",
      "initial_release_date": "2025-09-12T08:42:10Z",
      "revision_history": [
        {
          "date": "2025-09-12T08:42:10Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ucode-intel-20250812-1.1.x86_64",
                "product": {
                  "name": "ucode-intel-20250812-1.1.x86_64",
                  "product_id": "ucode-intel-20250812-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ucode-intel-20250812-1.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        },
        "product_reference": "ucode-intel-20250812-1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20053",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-20053"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-20053",
          "url": "https://www.suse.com/security/cve/CVE-2025-20053"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248438 for CVE-2025-20053",
          "url": "https://bugzilla.suse.com/1248438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-12T08:42:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-20053"
    },
    {
      "cve": "CVE-2025-20109",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-20109"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-20109",
          "url": "https://www.suse.com/security/cve/CVE-2025-20109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248438 for CVE-2025-20109",
          "url": "https://bugzilla.suse.com/1248438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-12T08:42:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-20109"
    },
    {
      "cve": "CVE-2025-22839",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22839"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22839",
          "url": "https://www.suse.com/security/cve/CVE-2025-22839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248438 for CVE-2025-22839",
          "url": "https://bugzilla.suse.com/1248438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-12T08:42:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-22839"
    },
    {
      "cve": "CVE-2025-22840",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22840"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22840",
          "url": "https://www.suse.com/security/cve/CVE-2025-22840"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248438 for CVE-2025-22840",
          "url": "https://bugzilla.suse.com/1248438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-12T08:42:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-22840"
    },
    {
      "cve": "CVE-2025-22889",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-22889"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-22889",
          "url": "https://www.suse.com/security/cve/CVE-2025-22889"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248438 for CVE-2025-22889",
          "url": "https://bugzilla.suse.com/1248438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.9,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-12T08:42:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-22889"
    },
    {
      "cve": "CVE-2025-26403",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-26403"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-26403",
          "url": "https://www.suse.com/security/cve/CVE-2025-26403"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248438 for CVE-2025-26403",
          "url": "https://bugzilla.suse.com/1248438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-12T08:42:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-26403"
    },
    {
      "cve": "CVE-2025-32086",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32086"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32086",
          "url": "https://www.suse.com/security/cve/CVE-2025-32086"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248438 for CVE-2025-32086",
          "url": "https://bugzilla.suse.com/1248438"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:ucode-intel-20250812-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-09-12T08:42:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32086"
    }
  ]
}

WID-SEC-W-2025-1785

Vulnerability from csaf_certbund - Published: 2025-08-12 22:00 - Updated: 2025-10-29 23:00

Summary

Intel Prozessoren: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Prozessor ist das zentrale Rechenwerk eines Computers.

Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Prozessor ausnutzen, um seine Privilegien zu erhöhen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand herbeizuführen.

Betroffene Betriebssysteme: - Hardware Appliance - Sonstiges

CVE-2025-20044

Affected products

Known affected 20 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Intel Prozessor Xeon 6 TDX Module <2.0.08 Intel / Prozessor		Xeon 6 TDX Module <2.0.08
Intel Prozessor Xeon 6 E-cores TDX Module <1.5.13 Intel / Prozessor		Xeon 6 E-cores TDX Module <1.5.13
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor 5th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		5th Gen Xeon TDX Module <1.5.13
Intel Prozessor 4th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		4th Gen Xeon TDX Module <1.5.13
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-20053

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-21090

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-24305

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-20109

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Intel Prozessor <IPU 2025.2 Update Intel / Prozessor		<IPU 2025.2 Update
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-20613

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-21096

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-22853

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-22840

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Intel Prozessor Xeon 6 Scalable <010003A1 MR1 Intel / Prozessor		Xeon 6 Scalable <010003A1 MR1
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-22889

Affected products

Known affected 17 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Intel Prozessor Xeon 6 P-cores <010003A1 MR1 Intel / Prozessor		Xeon 6 P-cores <010003A1 MR1
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

CVE-2025-26403

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon 6 with P-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores`	Xeon 6 with P-cores
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-32086

Affected products

Known affected 16 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—
Intel Prozessor Xeon 6 with P-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores`	Xeon 6 with P-cores
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores

CVE-2025-22839

Affected products

Known affected 27 products

Product	Identifier	Version
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Intel Prozessor Xeon 4,5,6 <1.5.16 Intel / Prozessor		Xeon 4,5,6 <1.5.16
Intel Prozessor Xeon 6 P-cores <2.0.8 Intel / Prozessor		Xeon 6 P-cores <2.0.8
Dell Computer Dell	`cpe:/o:dell:dell_computer:-`	—
Dell PowerEdge Dell / PowerEdge	`cpe:/h:dell:poweredge:-`	—
Intel Prozessor 5th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		5th Gen Xeon TDX Module <1.5.13
Intel Prozessor 4th Gen Xeon TDX Module <1.5.13 Intel / Prozessor		4th Gen Xeon TDX Module <1.5.13
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
Intel Prozessor Xeon 6 family Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_family`	Xeon 6 family
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Intel Prozessor Xeon W2400 and W3400 Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400`	Xeon W2400 and W3400
Intel Prozessor Xeon 6 with P-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores`	Xeon 6 with P-cores
Intel Prozessor Xeon 6 with E-cores Intel / Prozessor	`cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores`	Xeon 6 with E-cores
Dell PowerScale OneFS Dell / PowerScale	`cpe:/a:dell:powerscale_onefs:onefs`	OneFS
Intel Prozessor 5th, 4th Gen Xeon Scalable Processors Intel / Prozessor	`cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors`	5th, 4th Gen Xeon Scalable Processors
Intel Prozessor Xeon 6 TDX Module <2.0.08 Intel / Prozessor		Xeon 6 TDX Module <2.0.08
Intel Prozessor Xeon 6 E-cores TDX Module <1.5.13 Intel / Prozessor		Xeon 6 E-cores TDX Module <1.5.13
Intel Prozessor <IPU 2025.2 Update Intel / Prozessor		<IPU 2025.2 Update
Intel Prozessor Xeon 6 P-cores <010003A1 MR1 Intel / Prozessor		Xeon 6 P-cores <010003A1 MR1
Intel Prozessor Xeon 6 Scalable <010003A1 MR1 Intel / Prozessor		Xeon 6 Scalable <010003A1 MR1
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
HPE ProLiant HPE / ProLiant	`cpe:/h:hp:proliant:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
HP Computer HP / Computer	`cpe:/h:hp:computer:-`	—
Lenovo Computer Lenovo	`cpe:/h:lenovo:computer:-`	—

References

29 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.intel.com/content/www/us/en/security-…	external
https://www.intel.com/content/www/us/en/security-…	external
https://www.intel.com/content/www/us/en/security-…	external
https://www.intel.com/content/www/us/en/security-…	external
https://intel.com/content/www/us/en/security-cent…	external
https://support.lenovo.com/us/en/product_security…	external
https://www.dell.com/support/kbdoc/000356015	external
https://www.dell.com/support/kbdoc/de-de/00032139…	external
https://www.dell.com/support/kbdoc/000355904	external
https://support.hp.com/de-de/document/ish_1288845…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.dell.com/support/kbdoc/de-de/00036491…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2/ALAS2-2025-2994.html	external
https://alas.aws.amazon.com/AL2/ALAS2-2025-2993.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2/ALAS2-2025-3014.html	external
https://www.dell.com/support/kbdoc/de-de/00036369…	external
https://lists.debian.org/debian-security-announce…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://lists.debian.org/debian-lts-announce/2025…	external
https://support.hp.com/us-en/document/ish_1317605…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Prozessor ist das zentrale Rechenwerk eines Computers.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Prozessor ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Hardware Appliance\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1785 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1785.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1785 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1785"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01245 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01245.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01249 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01308 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01311 vom 2025-08-12",
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html"
      },
      {
        "category": "external",
        "summary": "Intel Security Advisory INTEL-SA-01310 vom 2025-08-12",
        "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html"
      },
      {
        "category": "external",
        "summary": "Lenovo Security Advisory LEN-200921 vom 2025-08-13",
        "url": "https://support.lenovo.com/us/en/product_security/LEN-200921"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-323 vom 2025-08-13",
        "url": "https://www.dell.com/support/kbdoc/000356015"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-211 vom 2025-08-12",
        "url": "https://www.dell.com/support/kbdoc/de-de/000321391/dsa-2025-211"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-324 vom 2025-08-14",
        "url": "https://www.dell.com/support/kbdoc/000355904"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04046 vom 2025-07-24",
        "url": "https://support.hp.com/de-de/document/ish_12888454-12888476-16/HPSBHF04046"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04933 vom 2025-08-19",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04933en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04934 vom 2025-08-19",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04934en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15492-1 vom 2025-08-26",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QCD4LGWFI6GUGOAC53YPUAQNABKWJ3FA/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03052-1 vom 2025-09-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022382.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03053-1 vom 2025-09-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022381.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-297 vom 2025-09-03",
        "url": "https://www.dell.com/support/kbdoc/de-de/000364913/dsa-2025-297-security-update-for-dell-poweredge-server-for-intel-2025-security-advisories-2025-3-ipu"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03116-1 vom 2025-09-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022411.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20691-1 vom 2025-09-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022460.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2994 vom 2025-09-16",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2994.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2993 vom 2025-09-16",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2993.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20715-1 vom 2025-09-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022557.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-3014 vom 2025-09-29",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3014.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-166 vom 2025-10-14",
        "url": "https://www.dell.com/support/kbdoc/de-de/000363693/dsa-2025-166-security-update-for-dell-powerscale-onefs-multiple-third-party-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6030 vom 2025-10-22",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00196.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPESBHF04916 vom 2025-10-23",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04916en_us\u0026docLocale=en_US"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4347 vom 2025-10-25",
        "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBHF04071 vom 2025-10-09",
        "url": "https://support.hp.com/us-en/document/ish_13176059-13176083-16/HPSBHF04071"
      }
    ],
    "source_lang": "en-US",
    "title": "Intel Prozessoren: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-10-29T23:00:00.000+00:00",
      "generator": {
        "date": "2025-10-30T08:13:48.211+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1785",
      "initial_release_date": "2025-08-12T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-08-13T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell und HP aufgenommen"
        },
        {
          "date": "2025-08-19T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2025-08-26T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-09-02T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-03T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2025-09-09T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-10T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-16T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-09-17T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-09-29T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-10-13T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2025-10-22T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Debian und HP aufgenommen"
        },
        {
          "date": "2025-10-26T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-10-29T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von HP aufgenommen"
        }
      ],
      "status": "final",
      "version": "15"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell Computer",
            "product": {
              "name": "Dell Computer",
              "product_id": "T036868",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:dell_computer:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Dell PowerEdge",
                "product": {
                  "name": "Dell PowerEdge",
                  "product_id": "T019535",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:dell:poweredge:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Dell PowerEdge",
                "product": {
                  "name": "Dell PowerEdge",
                  "product_id": "T033533",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:dell:poweredge:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PowerEdge"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "OneFS",
                "product": {
                  "name": "Dell PowerScale OneFS",
                  "product_id": "T034610",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerscale_onefs:onefs"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PowerScale"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HP Computer",
                "product": {
                  "name": "HP Computer",
                  "product_id": "T030989",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:computer:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HP Computer",
                "product": {
                  "name": "HP Computer",
                  "product_id": "T032786",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:computer:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Computer"
          }
        ],
        "category": "vendor",
        "name": "HP"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HPE ProLiant",
                "product": {
                  "name": "HPE ProLiant",
                  "product_id": "T027705",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:proliant:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE ProLiant",
                "product": {
                  "name": "HPE ProLiant",
                  "product_id": "T027712",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:hp:proliant:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ProLiant"
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "4th Gen Xeon TDX Module \u003c1.5.13",
                "product": {
                  "name": "Intel Prozessor 4th Gen Xeon TDX Module \u003c1.5.13",
                  "product_id": "T045803"
                }
              },
              {
                "category": "product_version",
                "name": "4th Gen Xeon TDX Module 1.5.13",
                "product": {
                  "name": "Intel Prozessor 4th Gen Xeon TDX Module 1.5.13",
                  "product_id": "T045803-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:4th_gen_xeon_tdx_module__1.5.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "5th Gen Xeon TDX Module \u003c1.5.13",
                "product": {
                  "name": "Intel Prozessor 5th Gen Xeon TDX Module \u003c1.5.13",
                  "product_id": "T045804"
                }
              },
              {
                "category": "product_version",
                "name": "5th Gen Xeon TDX Module 1.5.13",
                "product": {
                  "name": "Intel Prozessor 5th Gen Xeon TDX Module 1.5.13",
                  "product_id": "T045804-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:5th_gen_xeon_tdx_module__1.5.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 E-cores TDX Module \u003c1.5.13",
                "product": {
                  "name": "Intel Prozessor Xeon 6 E-cores TDX Module \u003c1.5.13",
                  "product_id": "T045805"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 E-cores TDX Module 1.5.13",
                "product": {
                  "name": "Intel Prozessor Xeon 6 E-cores TDX Module 1.5.13",
                  "product_id": "T045805-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_e-cores_tdx_module__1.5.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 TDX Module \u003c2.0.08",
                "product": {
                  "name": "Intel Prozessor Xeon 6 TDX Module \u003c2.0.08",
                  "product_id": "T045806"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 TDX Module 2.0.08",
                "product": {
                  "name": "Intel Prozessor Xeon 6 TDX Module 2.0.08",
                  "product_id": "T045806-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_tdx_module__2.0.08"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cIPU 2025.2 Update",
                "product": {
                  "name": "Intel Prozessor \u003cIPU 2025.2 Update",
                  "product_id": "T045807"
                }
              },
              {
                "category": "product_version",
                "name": "IPU 2025.2 Update",
                "product": {
                  "name": "Intel Prozessor IPU 2025.2 Update",
                  "product_id": "T045807-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:ipu_2025.2_update"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 P-cores \u003c010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores \u003c010003A1 MR1",
                  "product_id": "T045809"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 P-cores 010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores 010003A1 MR1",
                  "product_id": "T045809-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_p-cores__010003a1_mr1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 Scalable \u003c010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 Scalable \u003c010003A1 MR1",
                  "product_id": "T045810"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 Scalable 010003A1 MR1",
                "product": {
                  "name": "Intel Prozessor Xeon 6 Scalable 010003A1 MR1",
                  "product_id": "T045810-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_scalable__010003a1_mr1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 4,5,6 \u003c1.5.16",
                "product": {
                  "name": "Intel Prozessor Xeon 4,5,6 \u003c1.5.16",
                  "product_id": "T046051"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 4,5,6 1.5.16",
                "product": {
                  "name": "Intel Prozessor Xeon 4,5,6 1.5.16",
                  "product_id": "T046051-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_456__1.5.16"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Xeon 6 P-cores \u003c2.0.8",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores \u003c2.0.8",
                  "product_id": "T046052"
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 P-cores 2.0.8",
                "product": {
                  "name": "Intel Prozessor Xeon 6 P-cores 2.0.8",
                  "product_id": "T046052-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_p-cores__2.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon W2400 and W3400",
                "product": {
                  "name": "Intel Prozessor Xeon W2400 and W3400",
                  "product_id": "T046054",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_w2400_and_w3400"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 family",
                "product": {
                  "name": "Intel Prozessor Xeon 6 family",
                  "product_id": "T046056",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_family"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 with E-cores",
                "product": {
                  "name": "Intel Prozessor Xeon 6 with E-cores",
                  "product_id": "T046057",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_with_e-cores"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Xeon 6 with P-cores",
                "product": {
                  "name": "Intel Prozessor Xeon 6 with P-cores",
                  "product_id": "T046059",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:xeon_6_with_p-cores"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5th, 4th Gen Xeon Scalable Processors",
                "product": {
                  "name": "Intel Prozessor 5th, 4th Gen Xeon Scalable Processors",
                  "product_id": "T046063",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:intel:intel_prozessor:5th_4th_gen_xeon_scalable_processors"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Prozessor"
          }
        ],
        "category": "vendor",
        "name": "Intel"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Lenovo Computer",
            "product": {
              "name": "Lenovo Computer",
              "product_id": "T026557",
              "product_identification_helper": {
                "cpe": "cpe:/h:lenovo:computer:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Lenovo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20044",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T045806",
          "T045805",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T045804",
          "T045803",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20044"
    },
    {
      "cve": "CVE-2025-20053",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "T046056",
          "398363",
          "T026557",
          "T046054",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20053"
    },
    {
      "cve": "CVE-2025-21090",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "T046056",
          "398363",
          "T026557",
          "T046054",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-21090"
    },
    {
      "cve": "CVE-2025-24305",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "T046056",
          "398363",
          "T026557",
          "T046054",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-24305"
    },
    {
      "cve": "CVE-2025-20109",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T045807",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20109"
    },
    {
      "cve": "CVE-2025-20613",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-20613"
    },
    {
      "cve": "CVE-2025-21096",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-21096"
    },
    {
      "cve": "CVE-2025-22853",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22853"
    },
    {
      "cve": "CVE-2025-22840",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T019535",
          "T045810",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22840"
    },
    {
      "cve": "CVE-2025-22889",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046051",
          "T046063",
          "T046052",
          "T036868",
          "T045809",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22889"
    },
    {
      "cve": "CVE-2025-26403",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557",
          "T046059",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-26403"
    },
    {
      "cve": "CVE-2025-32086",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T034610",
          "T046063",
          "T036868",
          "T019535",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T027712",
          "398363",
          "T026557",
          "T046059",
          "T046057"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-32086"
    },
    {
      "cve": "CVE-2025-22839",
      "product_status": {
        "known_affected": [
          "T032786",
          "T033533",
          "T046051",
          "T046052",
          "T036868",
          "T019535",
          "T045804",
          "T045803",
          "T027712",
          "T046056",
          "398363",
          "T046054",
          "T046059",
          "T046057",
          "T034610",
          "T046063",
          "T045806",
          "T045805",
          "T045807",
          "T045809",
          "T045810",
          "2951",
          "T002207",
          "T027705",
          "T027843",
          "T030989",
          "T026557"
        ]
      },
      "release_date": "2025-08-12T22:00:00.000+00:00",
      "title": "CVE-2025-22839"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-32086 (GCVE-0-2025-32086)

SUSE-SU-2025:20715-1

WID-SEC-W-2025-1785

Tags

Sightings

Nomenclature