BDU:2025-15109
Уязвимость микропрограммного обеспечения процессоров Intel, связанная с недостаточным пространственным разделением, позволяющая нарушителю повысить свои привилегии
📄 Описание
Уязвимость микропрограммного обеспечения процессоров Intel связана с недостаточным пространственным разделением. Эксплуатация уязвимости позволяет нарушителю повысить свои привилегии
🖥️ Уязвимое ПО
Canonical Ltd., Novell Inc., Intel Corp., Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», АО "НППКТ"
Наименование ПО: Ubuntu, Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, OpenSUSE Leap, Suse Linux Enterprise Server, Intel Celeron Processor Family, Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), 12th Generation Intel Core Processor Family, openSUSE Leap Micro, 13th Generation Intel Core Processor Family, 4th Generation Intel Xeon Scalable processors, 4th Generation Intel Xeon Platinum processors, 4th Generation Intel Xeon Gold Processors, 4th Generation Intel Xeon Silver Processor, 4th Generation Intel Xeon Bronze Processor, 14th Generation Intel Core Processor Family, 5th Generation Intel Xeon Scalable processors, 4th Gen Intel Xeon Scalable Processors, Intel Pentium Gold Processor Family, 4th Generation Intel Xeon Edge Enhanced Processors, Intel Xeon W2400 Processors, Intel Xeon W3400 Processors, Intel Core i9 processor 13900, Intel Core i9 processor 13900E, Intel Core i9 processor 14900, Intel Core i7 processor 14700, Intel Core i9 processor 14901E, Intel Core i7 processor 14701E, Intel Core Ultra Processors (Series 2), Intel Core Ultra Processor (Series 1), 5th Generation Intel Xeon Platinum processors, 5th Generation Intel Xeon Gold Processors, 5th Generation Intel Xeon Silver Processor, 5th Generation Intel Xeon Bronze Processor, 13th Generation Intel Core i9 Processors, Intel Core i9 processor 14900HX, Intel Core processors (Series 1), Intel Core processors (Series 2), Intel Core Processor U-series, Intel Core 9, Intel Xeon E processor family, Intel Xeon CPU Max Series processor, 5th Gen Intel Xeon Processor, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Версия ПО: 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 12 SP3 (Suse Linux Enterprise Desktop), 12 SP4 (Suse Linux Enterprise Desktop), 12 SP2 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 15.5 (OpenSUSE Leap), 12 SP3 (Suse Linux Enterprise Server), 12 SP4 (Suse Linux Enterprise Server), 11 SP4 (Suse Linux Enterprise Server), 12 SP2-BCL (Suse Linux Enterprise Server), 12 SP2-ESPOS (Suse Linux Enterprise Server), 12-LTSS (Suse Linux Enterprise Server), 12 SP1 (SUSE Linux Enterprise Server for SAP Applications), 15 (SUSE Linux Enterprise Server for SAP Applications), 15 SP1 (SUSE Linux Enterprise Server for SAP Applications), 11 SP4-LTSS (Suse Linux Enterprise Server), 12 SP1-LTSS (Suse Linux Enterprise Server), 12 SP2-LTSS (Suse Linux Enterprise Server), 12 SP3-BCL (Suse Linux Enterprise Server), 12 SP5 (Suse Linux Enterprise Server), 11 SP3-LTSS (Suse Linux Enterprise Server), 12 SP3-ESPOS (Suse Linux Enterprise Server), 12 SP2 (Suse Linux Enterprise Desktop), 12 SP2 (Suse Linux Enterprise Server), 15-LTSS (Suse Linux Enterprise Server), 12 SP1 (Suse Linux Enterprise Desktop), 12 SP1 (Suse Linux Enterprise Server), 20.04 LTS (Ubuntu), 11 SP4 (Suse Linux Enterprise Desktop), 11 SP3 (Suse Linux Enterprise Server), 12 (Suse Linux Enterprise Desktop), 12 SP4-ESPOS (Suse Linux Enterprise Server), - (Intel Celeron Processor Family), 12 SP4-LTSS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15 SP 3 (Suse Linux Enterprise Server), 11 SP3 (Suse Linux Enterprise Desktop), 15.3 (OpenSUSE Leap), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 12 (Suse Linux Enterprise Server), 1.7 (Astra Linux Special Edition), 15.4 (OpenSUSE Leap), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 15 SP3 (Suse Linux Enterprise Desktop), 15 SP2 (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Server for SAP Applications), - (12th Generation Intel Core Processor Family), 15 SP4 (Suse Linux Enterprise Server), 15 SP2 (Suse Linux Enterprise Desktop), 15 SP4 (Suse Linux Enterprise Desktop), 15 (Suse Linux Enterprise Server), 15 SP2-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Server for SAP Applications), 22.04 LTS (Ubuntu), 15 SP2-LTSS (Suse Linux Enterprise Server), 15 SP1 (Suse Linux Enterprise Desktop), 15 (Suse Linux Enterprise Desktop), 5.2 (openSUSE Leap Micro), 5.3 (openSUSE Leap Micro), 15 SP3-LTSS (Suse Linux Enterprise Server), 11 SP4-LTSS-EXTREME-CORE (Suse Linux Enterprise Server), 15 SP3-BCL (Suse Linux Enterprise Server), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 5.4 (openSUSE Leap Micro), - (13th Generation Intel Core Processor Family), - (4th Generation Intel Xeon Scalable processors), - (4th Generation Intel Xeon Platinum processors), - (4th Generation Intel Xeon Gold Processors), - (4th Generation Intel Xeon Silver Processor), - (4th Generation Intel Xeon Bronze Processor), 5.5 (openSUSE Leap Micro), 15 SP4-LTSS (Suse Linux Enterprise Server), - (14th Generation Intel Core Processor Family), - (5th Generation Intel Xeon Scalable processors), 15 SP6 (Suse Linux Enterprise Desktop), 15 SP6 (Suse Linux Enterprise Server), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 24.04 LTS (Ubuntu), 15.6 (OpenSUSE Leap), - (4th Gen Intel Xeon Scalable Processors), 1.8 (Astra Linux Special Edition), - (Intel Pentium Gold Processor Family), 12 SP5-LTSS (Suse Linux Enterprise Server), 12 SP5 LTSS Extended Security (Suse Linux Enterprise Server), - (4th Generation Intel Xeon Edge Enhanced Processors), - (Intel Xeon W2400 Processors), - (Intel Xeon W3400 Processors), 15 SP5-LTSS (Suse Linux Enterprise Server), - (Intel Core i9 processor 13900), - (Intel Core i9 processor 13900E), - (Intel Core i9 processor 14900), - (Intel Core i7 processor 14700), - (Intel Core i9 processor 14901E), - (Intel Core i7 processor 14701E), 15 SP7 (Suse Linux Enterprise Desktop), 15 SP7 (Suse Linux Enterprise Server), 15 SP7 (SUSE Linux Enterprise Server for SAP Applications), 25.04 (Ubuntu), - (Intel Core Ultra Processors (Series 2)), - (Intel Core Ultra Processor (Series 1)), - (5th Generation Intel Xeon Platinum processors), - (5th Generation Intel Xeon Gold Processors), - (5th Generation Intel Xeon Silver Processor), - (5th Generation Intel Xeon Bronze Processor), 13 (Debian GNU/Linux), 16.0 (SUSE Linux Enterprise Server for SAP Applications), 25.10 (Ubuntu), 16.0 (Suse Linux Enterprise Server), - (13th Generation Intel Core i9 Processors), - (Intel Core i9 processor 14900HX), - (Intel Core processors (Series 1)), - (Intel Core processors (Series 2)), - (Intel Core Processor U-series), - (Intel Core 9), - (Intel Xeon E processor family), - (Intel Xeon CPU Max Series processor), - (5th Gen Intel Xeon Processor), до 3.1 (ОСОН ОСнова Оnyx)
Тип ПО: Операционная система, Микропрограммный код, ПО программно-аппаратного средства, Микропрограммный код аппаратных компонентов компьютера
ОС / платформа: Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , Novell Inc. Suse Linux Enterprise Desktop 12 SP3 , Novell Inc. Suse Linux Enterprise Desktop 12 SP4 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4 , Novell Inc. OpenSUSE Leap 15.5 , Novell Inc. Suse Linux Enterprise Server 12 SP3 , Novell Inc. Suse Linux Enterprise Server 12 SP4 , Novell Inc. Suse Linux Enterprise Server 11 SP4 , Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL , Novell Inc. Suse Linux Enterprise Server 12 SP2-ESPOS , Novell Inc. Suse Linux Enterprise Server 12-LTSS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP1 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP1 , Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP1-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-BCL , Novell Inc. Suse Linux Enterprise Server 12 SP5 , Novell Inc. Suse Linux Enterprise Server 11 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-ESPOS , Novell Inc. Suse Linux Enterprise Desktop 12 SP2 , Novell Inc. Suse Linux Enterprise Server 12 SP2 , Novell Inc. Suse Linux Enterprise Server 15-LTSS , Novell Inc. Suse Linux Enterprise Desktop 12 SP1 , Novell Inc. Suse Linux Enterprise Server 12 SP1 , Canonical Ltd. Ubuntu 20.04 LTS , Novell Inc. Suse Linux Enterprise Desktop 11 SP4 , Novell Inc. Suse Linux Enterprise Server 11 SP3 , Novell Inc. Suse Linux Enterprise Desktop 12 , Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS , Novell Inc. Suse Linux Enterprise Server 12 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP 3 , Novell Inc. Suse Linux Enterprise Desktop 11 SP3 , Novell Inc. OpenSUSE Leap 15.3 , Novell Inc. Suse Linux Enterprise Server 15 SP1 , Сообщество свободного программного обеспечения Debian GNU/Linux 11 , Сообщество свободного программного обеспечения Debian GNU/Linux 12 , Novell Inc. Suse Linux Enterprise Server 12 , ООО «РусБИТех-Астра» Astra Linux Special Edition 1.7 (запись в едином реестре российских программ №369), Novell Inc. OpenSUSE Leap 15.4 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP3 , Novell Inc. Suse Linux Enterprise Desktop 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP2 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP2 , Novell Inc. Suse Linux Enterprise Server 15 SP4 , Novell Inc. Suse Linux Enterprise Desktop 15 SP2 , Novell Inc. Suse Linux Enterprise Desktop 15 SP4 , Novell Inc. Suse Linux Enterprise Server 15 , Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP4 , Canonical Ltd. Ubuntu 22.04 LTS , Novell Inc. Suse Linux Enterprise Server 15 SP2-LTSS , Novell Inc. Suse Linux Enterprise Desktop 15 SP1 , Novell Inc. Suse Linux Enterprise Desktop 15 , Novell Inc. openSUSE Leap Micro 5.2 , Novell Inc. openSUSE Leap Micro 5.3 , Novell Inc. Suse Linux Enterprise Server 15 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS-EXTREME-CORE , Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. Suse Linux Enterprise Desktop 15 SP5 , Novell Inc. openSUSE Leap Micro 5.4 , Novell Inc. openSUSE Leap Micro 5.5 , Novell Inc. Suse Linux Enterprise Server 15 SP4-LTSS , Novell Inc. Suse Linux Enterprise Desktop 15 SP6 , Novell Inc. Suse Linux Enterprise Server 15 SP6 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP6 , Canonical Ltd. Ubuntu 24.04 LTS , Novell Inc. OpenSUSE Leap 15.6 , ООО «РусБИТех-Астра» Astra Linux Special Edition 1.8 (запись в едином реестре российских программ №369), Novell Inc. Suse Linux Enterprise Server 12 SP5-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP5 LTSS Extended Security , Novell Inc. Suse Linux Enterprise Server 15 SP5-LTSS , Novell Inc. Suse Linux Enterprise Desktop 15 SP7 , Novell Inc. Suse Linux Enterprise Server 15 SP7 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP7 , Canonical Ltd. Ubuntu 25.04 , Сообщество свободного программного обеспечения Debian GNU/Linux 13 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 16.0 , Canonical Ltd. Ubuntu 25.10 , Novell Inc. Suse Linux Enterprise Server 16.0 , АО "НППКТ" ОСОН ОСнова Оnyx до 3.1 (запись в едином реестре российских программ №5913)
⚙️ Технические сведения
Тип ошибки
Недостаточное пространственное разделение (CWE-653)
Класс уязвимости
Уязвимость кода
Дата выявления
12.08.2025
Способ эксплуатации
Манипулирование ресурсами
Способ устранения
Обновление программного обеспечения
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Устранение
Уязвимость устранена
📊 CVSS
CVSS 2.0
AV:L/AC:H/Au:S/C:C/I:C/A:C
CVSS 3.0
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS 4.0
AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
⚠️ Уровень опасности
Средний уровень опасности (базовая оценка CVSS 2.0 составляет 6)
Высокий уровень опасности (базовая оценка CVSS 3.1 составляет 7,8)
Высокий уровень опасности (оценка CVSS 4.0 составляет 7,3)
🔗 Источники и меры
🔗 https://github.com/intel/Intel-Linux-Processor-Mic... 🔗 https://intel.com/content/www/us/en/security-cente... 🔗 https://security-tracker.debian.org/tracker/CVE-20... 🔗 https://wiki.astralinux.ru/astra-linux-se18-bullet... 🔗 https://www.suse.com/security/cve/CVE-2025-20109.h... 🔗 https://ubuntu.com/security/CVE-2025-20109 🔗 https://ubuntu.com/security/notices/USN-7866-1 🔗 https://поддержка.нппкт.рф/bin/view/ОСнова/Обновле... 🔗 https://wiki.astralinux.ru/astra-linux-se17-bullet...
🏷️ Идентификаторы
CVE-2025-20109, INTEL-SA-01249
📅 Даты
Дата публикации
03.12.2025
Последнее обновление
06.05.2026
← Назад к списку