ALPINE-CVE-2025-20109

See a problem?
Please try reporting it to the source first.

Source

https://security.alpinelinux.org/vuln/CVE-2025-20109

Import Source

https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-20109.json

JSON Data

https://api.osv.dev/v1/vulns/ALPINE-CVE-2025-20109

Upstream

CVE-2025-20109

Published

2025-08-12T17:15:29.740Z

Modified

2025-12-03T22:01:07.788359Z

Severity

7.3 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

References

https://security.alpinelinux.org/vuln/CVE-2025-20109

Affected packages

Alpine:v3.19 / intel-ucode

Package

Name: intel-ucode
Purl: pkg:apk/alpine/intel-ucode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20250812-r0

Affected versions

Other

20130222-r0

20170511-r0

20180108-r0

20180312-r0

20180807a-r0

20180807a-r1

20180807a-r2

20190514a-r0

20190618-r0

20190918-r0

20191112-r0

20191113-r0

20191115-r0

20200508-r0

20200520-r0

20200609-r0

20200616-r0

20201110-r0

20201112-r0

20210216-r0

20210608-r0

20220207-r0

20220419-r0

20220510-r0

20220809-r0

20221108-r0

20230214-r0

20230512-r0

20230516a-r0

20230613-r0

20230808-r0

20231114-r0

20240514-r0

20240813-r0

20240910-r0

20241112-r0

20250211-r0

20250512-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-20109.json"

Alpine:v3.20 / intel-ucode

Package

Name: intel-ucode
Purl: pkg:apk/alpine/intel-ucode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20250812-r0

Affected versions

Other

20130222-r0

20170511-r0

20180108-r0

20180312-r0

20180807a-r0

20180807a-r1

20180807a-r2

20190514a-r0

20190618-r0

20190918-r0

20191112-r0

20191113-r0

20191115-r0

20200508-r0

20200520-r0

20200609-r0

20200616-r0

20201110-r0

20201112-r0

20210216-r0

20210608-r0

20220207-r0

20220419-r0

20220510-r0

20220809-r0

20221108-r0

20230214-r0

20230512-r0

20230516a-r0

20230613-r0

20230808-r0

20231114-r0

20240312-r0

20240514-r0

20240813-r0

20240910-r0

20241112-r0

20250211-r0

20250512-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-20109.json"

Alpine:v3.21 / intel-ucode

Package

Name: intel-ucode
Purl: pkg:apk/alpine/intel-ucode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20250812-r0

Affected versions

Other

20130222-r0

20170511-r0

20180108-r0

20180312-r0

20180807a-r0

20180807a-r1

20180807a-r2

20190514a-r0

20190618-r0

20190918-r0

20191112-r0

20191113-r0

20191115-r0

20200508-r0

20200520-r0

20200609-r0

20200616-r0

20201110-r0

20201112-r0

20210216-r0

20210608-r0

20220207-r0

20220419-r0

20220510-r0

20220809-r0

20221108-r0

20230214-r0

20230512-r0

20230516a-r0

20230613-r0

20230808-r0

20231114-r0

20240312-r0

20240514-r0

20240531-r0

20240813-r0

20240910-r0

20241029-r0

20241112-r0

20250211-r0

20250512-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-20109.json"

Alpine:v3.22 / intel-ucode

Package

Name: intel-ucode
Purl: pkg:apk/alpine/intel-ucode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20250812-r0

Affected versions

Other

20130222-r0

20170511-r0

20180108-r0

20180312-r0

20180807a-r0

20180807a-r1

20180807a-r2

20190514a-r0

20190618-r0

20190918-r0

20191112-r0

20191113-r0

20191115-r0

20200508-r0

20200520-r0

20200609-r0

20200616-r0

20201110-r0

20201112-r0

20210216-r0

20210608-r0

20220207-r0

20220419-r0

20220510-r0

20220809-r0

20221108-r0

20230214-r0

20230512-r0

20230516a-r0

20230613-r0

20230808-r0

20231114-r0

20240312-r0

20240514-r0

20240531-r0

20240813-r0

20240910-r0

20241029-r0

20241112-r0

20250211-r0

20250512-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-20109.json"

Alpine:v3.23 / intel-ucode

Package

Name: intel-ucode
Purl: pkg:apk/alpine/intel-ucode?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20250812-r0

Affected versions

Other

20130222-r0

20170511-r0

20180108-r0

20180312-r0

20180807a-r0

20180807a-r1

20180807a-r2

20190514a-r0

20190618-r0

20190918-r0

20191112-r0

20191113-r0

20191115-r0

20200508-r0

20200520-r0

20200609-r0

20200616-r0

20201110-r0

20201112-r0

20210216-r0

20210608-r0

20220207-r0

20220419-r0

20220510-r0

20220809-r0

20221108-r0

20230214-r0

20230512-r0

20230516a-r0

20230613-r0

20230808-r0

20231114-r0

20240312-r0

20240514-r0

20240531-r0

20240813-r0

20240910-r0

20241029-r0

20241112-r0

20250211-r0

20250512-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-20109.json"