VDB

GCVE-110-MAGEIA-2025-236

GCVE-110-MAGEIA-2025-236
Advisory Published
Vulnetix · Advisory published October 10, 2025
The updated package updates AMD cpu microcode for processor family 19h, adds AMD cpu microcode for processor family 1ah and fixes security vulnerabilities for Intel processors: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel® Processors may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2025-20109) Sequence of processor instructions leads to unexpected behavior for some Intel® Xeon® 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2025-22840) Insufficient granularity of access control in the OOB-MSM for some Intel® Xeon® 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. (CVE-2025-22839) Improper handling of overlap between protected memory ranges for some Intel® Xeon® 6 processor with Intel® TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-22889) Improper buffer restrictions for some Intel® Xeon® Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-20053) Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel® Xeon® processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-24305) Missing reference to active allocated resource for some Intel® Xeon® processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2025-21090) Out-of-bounds write in the memory subsystem for some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-26403) Improperly implemented security check for standard in the DDRIO configuration for some Intel® Xeon® 6 Processors when using Intel® SGX or Intel® TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2025-32086)

Affected Products

VendorProductVersionsPlatforms
Mageiamicrocode0 (affected), 0.20250812-1.mga9.nonfree (unaffected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›