USN-8068-1
- Source
- https://ubuntu.com/security/notices/USN-8068-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8068-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-8068-1
- Upstream
- Related
- Published
- 2026-03-03T14:03:20Z
- Modified
- 2026-05-20T16:03:51.358491314Z
- Summary
- intel-microcode vulnerability
- Details
-
Sergiu Ghetie discovered that some IntelĀ® processors did not properly handle values in the microcode flow. A local authenticated user could potentially use this issue to escalate their privileges.
- References
Affected packages
Ubuntu:22.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.22.04.1
Affected versions
3.*
3.20210608.2ubuntu1
3.20220510.0ubuntu0.22.04.1
3.20220809.0ubuntu0.22.04.1
3.20230214.0ubuntu0.22.04.1
3.20230808.0ubuntu0.22.04.1
3.20231114.0ubuntu0.22.04.1
3.20240514.0ubuntu0.22.04.1
3.20240813.0ubuntu0.22.04.2
3.20240910.0ubuntu0.22.04.1
3.20241112.0ubuntu0.22.04.1
3.20250211.0ubuntu0.22.04.1
3.20250512.0ubuntu0.22.04.1
3.20250812.0ubuntu0.22.04.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.20260210.0ubuntu0.22.04.1",
"binary_name": "intel-microcode"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:22.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2025-31648"
}
]
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8068-1.json"
Ubuntu:24.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.24.04.1
Affected versions
3.*
3.20230808.1
3.20231114.0ubuntu1
3.20231114.1
3.20240312.1
3.20240312.1build1
3.20240514.0ubuntu0.24.04.1
3.20240813.0ubuntu0.24.04.2
3.20240910.0ubuntu0.24.04.1
3.20241112.0ubuntu0.24.04.1
3.20250211.0ubuntu0.24.04.1
3.20250512.0ubuntu0.24.04.1
3.20250812.0ubuntu0.24.04.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.20260210.0ubuntu0.24.04.1",
"binary_name": "intel-microcode"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:24.04:LTS",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2025-31648"
}
]
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8068-1.json"
Ubuntu:25.10
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.25.10.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.20260210.0ubuntu0.25.10.1",
"binary_name": "intel-microcode"
}
],
"availability": "No subscription required"
}Database specific
cves_map
{
"ecosystem": "Ubuntu:25.10",
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2025-31648"
}
]
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8068-1.json"
Ubuntu:Pro:16.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode?arch=source&distro=esm-apps%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.16.04.1+esm1
Affected versions
3.*
3.20150121.1
3.20151106.1
3.20170707.1~ubuntu16.04.0
3.20180108.0~ubuntu16.04.2
3.20180108.0+really20170707ubuntu16.04.1
3.20180312.0~ubuntu16.04.1
3.20180425.1~ubuntu0.16.04.1
3.20180425.1~ubuntu0.16.04.2
3.20180807a.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.1
3.20190514.0ubuntu0.16.04.2
3.20190618.0ubuntu0.16.04.1
3.20191112-0ubuntu0.16.04.2
3.20191115.1ubuntu0.16.04.1
3.20191115.1ubuntu0.16.04.2
3.20200609.0ubuntu0.16.04.0
3.20200609.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.1
3.20201110.0ubuntu0.16.04.2
3.20210216.0ubuntu0.16.04.1
3.20210608.0ubuntu0.16.04.1+esm1
3.20220510.0ubuntu0.16.04.1+esm1
3.20230214.0ubuntu0.16.04.1+esm1
3.20230808.0ubuntu0.16.04.1+esm1
3.20231114.0ubuntu0.16.04.1+esm1
3.20240514.0ubuntu0.16.04.1+esm1
3.20240813.0ubuntu0.16.04.1+esm2
3.20240910.0ubuntu0.16.04.1+esm1
3.20241112.0ubuntu0.16.04.1+esm1
3.20250211.0ubuntu0.16.04.1+esm1
3.20250512.0ubuntu0.16.04.1+esm1
3.20250812.0ubuntu0.16.04.1+esm1
Ubuntu:Pro:18.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode?arch=source&distro=esm-infra%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.18.04.1+esm1
Affected versions
3.*
3.20170707.1
3.20171117.1
3.20180108.1
3.20180108.1+really20171117.1
3.20180312.0~ubuntu18.04.1
3.20180425.1~ubuntu0.18.04.1
3.20180425.1~ubuntu0.18.04.2
3.20180807a.0ubuntu0.18.04.1
3.20190514.0ubuntu0.18.04.2
3.20190514.0ubuntu0.18.04.3
3.20190618.0ubuntu0.18.04.1
3.20191112-0ubuntu0.18.04.2
3.20191115.1ubuntu0.18.04.1
3.20191115.1ubuntu0.18.04.2
3.20200609.0ubuntu0.18.04.0
3.20200609.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.1
3.20201110.0ubuntu0.18.04.2
3.20210216.0ubuntu0.18.04.1
3.20210608.0ubuntu0.18.04.1
3.20220510.0ubuntu0.18.04.1
3.20220809.0ubuntu0.18.04.1
3.20230214.0ubuntu0.18.04.1
3.20230808.0ubuntu0.18.04.1+esm1
3.20231114.0ubuntu0.18.04.1+esm1
3.20240514.0ubuntu0.18.04.1+esm1
3.20240813.0ubuntu0.18.04.1+esm2
3.20240910.0ubuntu0.18.04.1+esm1
3.20241112.0ubuntu0.18.04.1+esm1
3.20250211.0ubuntu0.18.04.1+esm1
3.20250512.0ubuntu0.18.04.1+esm1
3.20250812.0ubuntu0.18.04.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.20260210.0ubuntu0.18.04.1+esm1",
"binary_name": "intel-microcode"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2025-31648"
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8068-1.json"
Ubuntu:Pro:20.04:LTS
intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode?arch=source&distro=esm-infra%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20260210.0ubuntu0.20.04.1+esm1
Affected versions
3.*
3.20190918.1ubuntu1
3.20191115.1ubuntu1
3.20191115.1ubuntu2
3.20191115.1ubuntu3
3.20200609.0ubuntu0.20.04.0
3.20200609.0ubuntu0.20.04.1
3.20200609.0ubuntu0.20.04.2
3.20201110.0ubuntu0.20.04.1
3.20201110.0ubuntu0.20.04.2
3.20210216.0ubuntu0.20.04.1
3.20210608.0ubuntu0.20.04.1
3.20220510.0ubuntu0.20.04.1
3.20220809.0ubuntu0.20.04.1
3.20230214.0ubuntu0.20.04.1
3.20230808.0ubuntu0.20.04.1
3.20231114.0ubuntu0.20.04.1
3.20240514.0ubuntu0.20.04.1
3.20240813.0ubuntu0.20.04.2
3.20240910.0ubuntu0.20.04.1
3.20241112.0ubuntu0.20.04.1
3.20250211.0ubuntu0.20.04.1
3.20250512.0ubuntu0.20.04.1
3.20250812.0ubuntu0.20.04.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.20260210.0ubuntu0.20.04.1+esm1",
"binary_name": "intel-microcode"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}Database specific
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
},
{
"score": "low",
"type": "Ubuntu"
}
],
"id": "CVE-2025-31648"
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8068-1.json"