CVE-2025-22047

x86/microcode/AMD: Fix __apply_microcode_amd()'s return value

Severity Score

7.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagate
the failure by returning false (and not -1 which is promoted to true).

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagate the failure by returning false (and not -1 which is promoted to true).

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-29 CVE Reserved
2025-04-16 CVE Published
2025-04-16 CVE Updated
2025-04-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/bef830144febedb7de86863ae99d8f53bed76e95	Vuln. Introduced
https://git.kernel.org/stable/c/3e8653e399e7111a3e87d534ff4533b250ae574f	Vuln. Introduced
https://git.kernel.org/stable/c/c162ba4f45ab6ef3b7114af6fb419f1833f050c0	Vuln. Introduced
https://git.kernel.org/stable/c/50cef76d5cb0e199cda19f026842560f6eedc4f7	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/763f4d638f71cb45235395790a46e9f9e84227fd	2025-04-10
https://git.kernel.org/stable/c/ada88219d5315fc13f2910fe278c7112d8d68889	2025-04-10
https://git.kernel.org/stable/c/d295c58fad1d5ab987a81f139dd21498732c4f13	2025-04-10
https://git.kernel.org/stable/c/7f705a45f130a85fbf31c2abdc999c65644c8307	2025-04-10
https://git.kernel.org/stable/c/31ab12df723543047c3fc19cb8f8c4498ec6267f	2025-03-28

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.81 < 6.6.87 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.81 < 6.6.87"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12.18 < 6.12.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12.18 < 6.12.23"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.13.6 < 6.13.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.13.6 < 6.13.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.14 < 6.14.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.14 < 6.14.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.14 < 6.15-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.14 < 6.15-rc1"		en		Affected