USN-7866-1
- Source
- https://ubuntu.com/security/notices/USN-7866-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7866-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-7866-1
- Upstream
- Related
- Published
- 2025-11-10T20:11:08Z
- Modified
- 2026-02-10T04:50:22Z
- Summary
- intel-microcode vulnerabilities
- Details
-
Barak Gross discovered that some Intel® Xeon® processors with SGX enabled did not properly handle buffer restrictions. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-20053)
Avinash Maddy discovered that some Intel® processors did not properly isolate or compartmentalize the stream cache mechanisms. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-20109)
Joseph Nuzman discovered that some Intel® Xeon® processors did not properly manage references to active allocate resources. A local authenticated user could potentially use this issue to cause a denial of service (system crash). (CVE-2025-21090)
It was discovered that some Intel® Xeon® 6 processors did not properly provide sufficient granularity of access control in the out of band management service module (OOB-MSM). An authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22839)
It was discovered that some Intel® Xeon® 6 Scalable processors did not properly handle a specific sequence of processor instructions, leading to unexpected behavior. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22840)
Joseph Nuzman discovered that some Intel® Xeon® 6 processors with Intel® Trust Domain Extensions (Intel® TDX) did not properly handle overlap between protected memory ranges. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22889)
Avraham Shalev discovered that some Intel® Xeon® processors did not properly provide sufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-24305)
Aviv Eisen and Avraham Shalev discovered that some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX did not properly protect against out-of-bounds writes in the memory subsystem. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-26403)
Aviv Eisen and Avraham Shalev discovered that some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX did not properly implement security checks in the DDRIO configuration. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-32086)
- References
-
- https://ubuntu.com/security/notices/USN-7866-1
- https://ubuntu.com/security/CVE-2025-20053
- https://ubuntu.com/security/CVE-2025-20109
- https://ubuntu.com/security/CVE-2025-21090
- https://ubuntu.com/security/CVE-2025-22839
- https://ubuntu.com/security/CVE-2025-22840
- https://ubuntu.com/security/CVE-2025-22889
- https://ubuntu.com/security/CVE-2025-24305
- https://ubuntu.com/security/CVE-2025-26403
- https://ubuntu.com/security/CVE-2025-32086
Affected packages
Ubuntu:22.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20250812.0ubuntu0.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20250812.0ubuntu0.22.04.1
Affected versions
3.*
3.20210608.2ubuntu1
3.20220510.0ubuntu0.22.04.1
3.20220809.0ubuntu0.22.04.1
3.20230214.0ubuntu0.22.04.1
3.20230808.0ubuntu0.22.04.1
3.20231114.0ubuntu0.22.04.1
3.20240514.0ubuntu0.22.04.1
3.20240813.0ubuntu0.22.04.2
3.20240910.0ubuntu0.22.04.1
3.20241112.0ubuntu0.22.04.1
3.20250211.0ubuntu0.22.04.1
3.20250512.0ubuntu0.22.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20250812.0ubuntu0.22.04.1"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-20053",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-20109",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21090",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22839",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22840",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22889",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-24305",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-26403",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-32086",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7866-1.json"
Ubuntu:24.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20250812.0ubuntu0.24.04.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20250812.0ubuntu0.24.04.1
Affected versions
3.*
3.20230808.1
3.20231114.0ubuntu1
3.20231114.1
3.20240312.1
3.20240312.1build1
3.20240514.0ubuntu0.24.04.1
3.20240813.0ubuntu0.24.04.2
3.20240910.0ubuntu0.24.04.1
3.20241112.0ubuntu0.24.04.1
3.20250211.0ubuntu0.24.04.1
3.20250512.0ubuntu0.24.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20250812.0ubuntu0.24.04.1"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-20053",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-20109",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21090",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22839",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22840",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22889",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-24305",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-26403",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-32086",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7866-1.json"
Ubuntu:25.10
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20250812.0ubuntu0.25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20250812.0ubuntu0.25.10.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20250812.0ubuntu0.25.10.1"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-20053",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-20109",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21090",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22839",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22840",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22889",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-24305",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-26403",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-32086",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:25.10"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7866-1.json"
Ubuntu:Pro:16.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20250812.0ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20250812.0ubuntu0.16.04.1+esm1
Affected versions
3.*
3.20150121.1
3.20151106.1
3.20170707.1~ubuntu16.04.0
3.20180108.0~ubuntu16.04.2
3.20180108.0+really20170707ubuntu16.04.1
3.20180312.0~ubuntu16.04.1
3.20180425.1~ubuntu0.16.04.1
3.20180425.1~ubuntu0.16.04.2
3.20180807a.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.2
3.20190618.0ubuntu0.16.04.1
3.20191112-0ubuntu0.16.04.2
3.20191115.1ubuntu0.16.04.1
3.20191115.1ubuntu0.16.04.2
3.20200609.0ubuntu0.16.04.0
3.20200609.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.2
3.20210216.0ubuntu0.16.04.1
3.20210608.0ubuntu0.16.04.1+esm1
3.20220510.0ubuntu0.16.04.1+esm1
3.20230214.0ubuntu0.16.04.1+esm1
3.20230808.0ubuntu0.16.04.1+esm1
3.20231114.0ubuntu0.16.04.1+esm1
3.20240514.0ubuntu0.16.04.1+esm1
3.20240813.0ubuntu0.16.04.1+esm2
3.20240910.0ubuntu0.16.04.1+esm1
3.20241112.0ubuntu0.16.04.1+esm1
3.20250211.0ubuntu0.16.04.1+esm1
3.20250512.0ubuntu0.16.04.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20250812.0ubuntu0.16.04.1+esm1"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-20053",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-20109",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21090",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22839",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22840",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22889",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-24305",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-26403",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-32086",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:16.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7866-1.json"
Ubuntu:Pro:18.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20250812.0ubuntu0.18.04.1+esm1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20250812.0ubuntu0.18.04.1+esm1
Affected versions
3.*
3.20170707.1
3.20171117.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.0~ubuntu18.04.1
3.20180425.1~ubuntu0.18.04.1
3.20180425.1~ubuntu0.18.04.2
3.20180807a.0ubuntu0.18.04.1
3.20190514.0ubuntu0.18.04.2
3.20190514.0ubuntu0.18.04.3
3.20190618.0ubuntu0.18.04.1
3.20191112-0ubuntu0.18.04.2
3.20191115.1ubuntu0.18.04.1
3.20191115.1ubuntu0.18.04.2
3.20200609.0ubuntu0.18.04.0
3.20200609.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.2
3.20210216.0ubuntu0.18.04.1
3.20210608.0ubuntu0.18.04.1
3.20220510.0ubuntu0.18.04.1
3.20220809.0ubuntu0.18.04.1
3.20230214.0ubuntu0.18.04.1
3.20230808.0ubuntu0.18.04.1+esm1
3.20231114.0ubuntu0.18.04.1+esm1
3.20240514.0ubuntu0.18.04.1+esm1
3.20240813.0ubuntu0.18.04.1+esm2
3.20240910.0ubuntu0.18.04.1+esm1
3.20241112.0ubuntu0.18.04.1+esm1
3.20250211.0ubuntu0.18.04.1+esm1
3.20250512.0ubuntu0.18.04.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20250812.0ubuntu0.18.04.1+esm1"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-20053",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-20109",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21090",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22839",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22840",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22889",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-24305",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-26403",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-32086",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7866-1.json"
Ubuntu:Pro:20.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20250812.0ubuntu0.20.04.1+esm1?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20250812.0ubuntu0.20.04.1+esm1
Affected versions
3.*
3.20190918.1ubuntu1
3.20191115.1ubuntu1
3.20191115.1ubuntu2
3.20191115.1ubuntu3
3.20200609.0ubuntu0.20.04.0
3.20200609.0ubuntu0.20.04.1
3.20200609.0ubuntu0.20.04.2
3.20201110.0ubuntu0.20.04.1
3.20201110.0ubuntu0.20.04.2
3.20210216.0ubuntu0.20.04.1
3.20210608.0ubuntu0.20.04.1
3.20220510.0ubuntu0.20.04.1
3.20220809.0ubuntu0.20.04.1
3.20230214.0ubuntu0.20.04.1
3.20230808.0ubuntu0.20.04.1
3.20231114.0ubuntu0.20.04.1
3.20240514.0ubuntu0.20.04.1
3.20240813.0ubuntu0.20.04.2
3.20240910.0ubuntu0.20.04.1
3.20241112.0ubuntu0.20.04.1
3.20250211.0ubuntu0.20.04.1
3.20250512.0ubuntu0.20.04.1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "intel-microcode",
"binary_version": "3.20250812.0ubuntu0.20.04.1+esm1"
}
]
}Database specific
cves_map
{
"cves": [
{
"id": "CVE-2025-20053",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-20109",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-21090",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22839",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22840",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-22889",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-24305",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-26403",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2025-32086",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V4",
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7866-1.json"