ALPINE-CVE-2025-20109

ALPINE-CVE-2025-20109 PUBLISHED CVSS 7.300000190734863 HIGH

Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

Risk Scores

CVSS v4.0

7.300000190734863

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products

Vendor	Product	Versions
Alpine:v3.19	intel-ucode	20250512-r0, 20250211-r0, 20241112-r0
Alpine:v3.22	intel-ucode	20220809-r0, 20221108-r0, 20230214-r0
Alpine:v3.23	intel-ucode	20180312-r0, 0, 20130222-r0
Alpine:v3.20	intel-ucode	20230512-r0, 0, 20170511-r0
Alpine:v3.21	intel-ucode	20170511-r0, 20130222-r0, 0

Timeline

Aug 12, 2025 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2025-20109 advisory

Open in Interactive Console →