UBUNTU-CVE-2025-31648
- Source
- https://ubuntu.com/security/CVE-2025-31648
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-31648.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-31648
- Upstream
- Downstream
- Related
- Published
- 2026-02-10T17:16:00Z
- Modified
- 2026-03-04T08:02:48.565107Z
- Severity
-
- 3.9 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N CVSS Calculator
- 1.8 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N CVSS Calculator
- Ubuntu - low
- Summary
- [none]
- Details
-
Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts.
- References
-
- https://ubuntu.com/security/CVE-2025-31648
- https://www.cve.org/CVERecord?id=CVE-2025-31648
- https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260210-rev1
- https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01396.html
- https://ubuntu.com/security/notices/USN-8068-1
Affected packages
Ubuntu:22.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20260210.0ubuntu0.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.22.04.1
Affected versions
3.*
3.20210608.2ubuntu1
3.20220510.0ubuntu0.22.04.1
3.20220809.0ubuntu0.22.04.1
3.20230214.0ubuntu0.22.04.1
3.20230808.0ubuntu0.22.04.1
3.20231114.0ubuntu0.22.04.1
3.20240514.0ubuntu0.22.04.1
3.20240813.0ubuntu0.22.04.2
3.20240910.0ubuntu0.22.04.1
3.20241112.0ubuntu0.22.04.1
3.20250211.0ubuntu0.22.04.1
3.20250512.0ubuntu0.22.04.1
3.20250812.0ubuntu0.22.04.1
Ubuntu:24.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20260210.0ubuntu0.24.04.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.24.04.1
Affected versions
3.*
3.20230808.1
3.20231114.0ubuntu1
3.20231114.1
3.20240312.1
3.20240312.1build1
3.20240514.0ubuntu0.24.04.1
3.20240813.0ubuntu0.24.04.2
3.20240910.0ubuntu0.24.04.1
3.20241112.0ubuntu0.24.04.1
3.20250211.0ubuntu0.24.04.1
3.20250512.0ubuntu0.24.04.1
3.20250812.0ubuntu0.24.04.1
Ubuntu:25.10
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20260210.0ubuntu0.25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.25.10.1
Ubuntu:Pro:14.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20210608.0ubuntu0.14.04.1+esm1?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.20130906.1ubuntu2
1.20130906.1ubuntu3
2.*
2.20140122.1
2.20140430.1ubuntu1
2.20140624-t-1ubuntu2
3.*
3.20180108.0~ubuntu14.04.2
3.20180108.0+really20170707ubuntu14.04.1
3.20180312.0~ubuntu14.04.1
3.20180425.1~ubuntu0.14.04.1
3.20180425.1~ubuntu0.14.04.2
3.20180807a.0ubuntu0.14.04.1
3.20190514.0ubuntu0.14.04.1
3.20190514.0ubuntu0.14.04.2
3.20190618.0ubuntu0.14.04.1
3.20191112-0ubuntu0.14.04.2
3.20191115.1ubuntu0.14.04.1
3.20191115.1ubuntu0.14.04.2
3.20200609.0ubuntu0.14.04.0
3.20200609.0ubuntu0.14.04.1
3.20201110.0ubuntu0.14.04.1
3.20201110.0ubuntu0.14.04.2
3.20210608.0ubuntu0.14.04.1+esm1
Ubuntu:Pro:16.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20260210.0ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.16.04.1+esm1
Affected versions
3.*
3.20150121.1
3.20151106.1
3.20170707.1~ubuntu16.04.0
3.20180108.0~ubuntu16.04.2
3.20180108.0+really20170707ubuntu16.04.1
3.20180312.0~ubuntu16.04.1
3.20180425.1~ubuntu0.16.04.1
3.20180425.1~ubuntu0.16.04.2
3.20180807a.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.2
3.20190618.0ubuntu0.16.04.1
3.20191112-0ubuntu0.16.04.2
3.20191115.1ubuntu0.16.04.1
3.20191115.1ubuntu0.16.04.2
3.20200609.0ubuntu0.16.04.0
3.20200609.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.2
3.20210216.0ubuntu0.16.04.1
3.20210608.0ubuntu0.16.04.1+esm1
3.20220510.0ubuntu0.16.04.1+esm1
3.20230214.0ubuntu0.16.04.1+esm1
3.20230808.0ubuntu0.16.04.1+esm1
3.20231114.0ubuntu0.16.04.1+esm1
3.20240514.0ubuntu0.16.04.1+esm1
3.20240813.0ubuntu0.16.04.1+esm2
3.20240910.0ubuntu0.16.04.1+esm1
3.20241112.0ubuntu0.16.04.1+esm1
3.20250211.0ubuntu0.16.04.1+esm1
3.20250512.0ubuntu0.16.04.1+esm1
3.20250812.0ubuntu0.16.04.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20260210.0ubuntu0.16.04.1+esm1"
}
],
"priority_reason": "High complexity local attack with special internal knowledge needed"
}Ubuntu:Pro:18.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20260210.0ubuntu0.18.04.1+esm1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.18.04.1+esm1
Affected versions
3.*
3.20170707.1
3.20171117.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.0~ubuntu18.04.1
3.20180425.1~ubuntu0.18.04.1
3.20180425.1~ubuntu0.18.04.2
3.20180807a.0ubuntu0.18.04.1
3.20190514.0ubuntu0.18.04.2
3.20190514.0ubuntu0.18.04.3
3.20190618.0ubuntu0.18.04.1
3.20191112-0ubuntu0.18.04.2
3.20191115.1ubuntu0.18.04.1
3.20191115.1ubuntu0.18.04.2
3.20200609.0ubuntu0.18.04.0
3.20200609.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.2
3.20210216.0ubuntu0.18.04.1
3.20210608.0ubuntu0.18.04.1
3.20220510.0ubuntu0.18.04.1
3.20220809.0ubuntu0.18.04.1
3.20230214.0ubuntu0.18.04.1
3.20230808.0ubuntu0.18.04.1+esm1
3.20231114.0ubuntu0.18.04.1+esm1
3.20240514.0ubuntu0.18.04.1+esm1
3.20240813.0ubuntu0.18.04.1+esm2
3.20240910.0ubuntu0.18.04.1+esm1
3.20241112.0ubuntu0.18.04.1+esm1
3.20250211.0ubuntu0.18.04.1+esm1
3.20250512.0ubuntu0.18.04.1+esm1
3.20250812.0ubuntu0.18.04.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20260210.0ubuntu0.18.04.1+esm1"
}
],
"priority_reason": "High complexity local attack with special internal knowledge needed"
}Ubuntu:Pro:20.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20260210.0ubuntu0.20.04.1+esm1?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.20.04.1+esm1
Affected versions
3.*
3.20190918.1ubuntu1
3.20191115.1ubuntu1
3.20191115.1ubuntu2
3.20191115.1ubuntu3
3.20200609.0ubuntu0.20.04.0
3.20200609.0ubuntu0.20.04.1
3.20200609.0ubuntu0.20.04.2
3.20201110.0ubuntu0.20.04.1
3.20201110.0ubuntu0.20.04.2
3.20210216.0ubuntu0.20.04.1
3.20210608.0ubuntu0.20.04.1
3.20220510.0ubuntu0.20.04.1
3.20220809.0ubuntu0.20.04.1
3.20230214.0ubuntu0.20.04.1
3.20230808.0ubuntu0.20.04.1
3.20231114.0ubuntu0.20.04.1
3.20240514.0ubuntu0.20.04.1
3.20240813.0ubuntu0.20.04.2
3.20240910.0ubuntu0.20.04.1
3.20241112.0ubuntu0.20.04.1
3.20250211.0ubuntu0.20.04.1
3.20250512.0ubuntu0.20.04.1
3.20250812.0ubuntu0.20.04.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20260210.0ubuntu0.20.04.1+esm1"
}
],
"priority_reason": "High complexity local attack with special internal knowledge needed"
}