{"affected":[{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.5","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Micro%205.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP7","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP4-LTSS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP5-LTSS","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP4","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP5","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy LTS 4.3","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Manager%20Proxy%20LTS%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Manager Server LTS 4.3","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Manager%20Server%20LTS%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"ucode-intel","purl":"pkg:rpm/suse/ucode-intel&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ucode-intel":"20250812-150200.59.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"ucode-intel","purl":"pkg:rpm/opensuse/ucode-intel&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20250812-150200.59.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)\n - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.\n - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access\n - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.\n - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.\n - Update for functional issues.\n - Updated Platforms:\n\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)\n | EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5\n | GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6\n | GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6\n | ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx\n | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3\n | LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor\n | MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Coreā„¢ Ultra Processor\n | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13\n | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13\n | SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max\n | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4\n | SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores\n \n New Disclosures Updated in Prior Releases:\n All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.\n","id":"SUSE-SU-2025:03053-1","modified":"2025-09-02T17:42:12Z","published":"2025-09-02T17:42:12Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202503053-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248438"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-20053"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-20109"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22839"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22840"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22889"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-26403"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-32086"}],"related":["CVE-2025-20053","CVE-2025-20109","CVE-2025-22839","CVE-2025-22840","CVE-2025-22889","CVE-2025-26403","CVE-2025-32086"],"summary":"Security update for ucode-intel","upstream":["CVE-2025-20053","CVE-2025-20109","CVE-2025-22839","CVE-2025-22840","CVE-2025-22889","CVE-2025-26403","CVE-2025-32086"]}