Описание
Уязвимость микропрограммного обеспечения процессоров Intel Xeon связана с неправильной обработкой перекрытия защищенных диапазонов памяти. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии
Вендор
Canonical Ltd.
Novell Inc.
Сообщество свободного программного обеспечения
ООО «РусБИТех-Астра»
Intel Corp.
Наименование ПО
Ubuntu
Suse Linux Enterprise Desktop
SUSE Linux Enterprise Server for SAP Applications
OpenSUSE Leap
Suse Linux Enterprise Server
Debian GNU/Linux
openSUSE Leap Micro
Astra Linux Special Edition
Intel Xeon 6 processor with P-Cores
Версия ПО
16.04 LTS (Ubuntu)
18.04 LTS (Ubuntu)
12 SP3 (Suse Linux Enterprise Desktop)
12 SP4 (Suse Linux Enterprise Desktop)
12 SP2 (SUSE Linux Enterprise Server for SAP Applications)
12 SP3 (SUSE Linux Enterprise Server for SAP Applications)
12 SP4 (SUSE Linux Enterprise Server for SAP Applications)
15.5 (OpenSUSE Leap)
12 SP3 (Suse Linux Enterprise Server)
12 SP4 (Suse Linux Enterprise Server)
11 SP4 (Suse Linux Enterprise Server)
12 SP2-BCL (Suse Linux Enterprise Server)
12 SP2-ESPOS (Suse Linux Enterprise Server)
12-LTSS (Suse Linux Enterprise Server)
12 SP1 (SUSE Linux Enterprise Server for SAP Applications)
15 (SUSE Linux Enterprise Server for SAP Applications)
15 SP1 (SUSE Linux Enterprise Server for SAP Applications)
11 SP4-LTSS (Suse Linux Enterprise Server)
12 SP1-LTSS (Suse Linux Enterprise Server)
12 SP2-LTSS (Suse Linux Enterprise Server)
12 SP3-LTSS (Suse Linux Enterprise Server)
12 SP3-BCL (Suse Linux Enterprise Server)
12 SP5 (Suse Linux Enterprise Server)
11 SP3-LTSS (Suse Linux Enterprise Server)
12 SP3-ESPOS (Suse Linux Enterprise Server)
12 SP2 (Suse Linux Enterprise Desktop)
12 SP2 (Suse Linux Enterprise Server)
15-LTSS (Suse Linux Enterprise Server)
12 SP1 (Suse Linux Enterprise Desktop)
12 SP1 (Suse Linux Enterprise Server)
20.04 LTS (Ubuntu)
11 SP4 (Suse Linux Enterprise Desktop)
11 SP3 (Suse Linux Enterprise Server)
12 (Suse Linux Enterprise Desktop)
12 SP4-ESPOS (Suse Linux Enterprise Server)
12 SP4-LTSS (Suse Linux Enterprise Server)
15 SP1-BCL (Suse Linux Enterprise Server)
15 SP1-LTSS (Suse Linux Enterprise Server)
11 SP3 (Suse Linux Enterprise Desktop)
15.3 (OpenSUSE Leap)
15 SP1 (Suse Linux Enterprise Server)
11 (Debian GNU/Linux)
12 (Debian GNU/Linux)
12 (Suse Linux Enterprise Server)
15.4 (OpenSUSE Leap)
15 SP3 (Suse Linux Enterprise Server)
15 SP3 (SUSE Linux Enterprise Server for SAP Applications)
15 SP3 (Suse Linux Enterprise Desktop)
15 SP2 (Suse Linux Enterprise Server)
15 SP2 (SUSE Linux Enterprise Server for SAP Applications)
15 SP4 (Suse Linux Enterprise Server)
15 SP2 (Suse Linux Enterprise Desktop)
15 SP4 (Suse Linux Enterprise Desktop)
15 (Suse Linux Enterprise Server)
15 SP2-BCL (Suse Linux Enterprise Server)
15 SP4 (SUSE Linux Enterprise Server for SAP Applications)
22.04 LTS (Ubuntu)
15 SP2-LTSS (Suse Linux Enterprise Server)
15 SP1 (Suse Linux Enterprise Desktop)
15 (Suse Linux Enterprise Desktop)
5.2 (openSUSE Leap Micro)
5.3 (openSUSE Leap Micro)
15 SP3-LTSS (Suse Linux Enterprise Server)
11 SP4-LTSS-EXTREME-CORE (Suse Linux Enterprise Server)
15 SP3-BCL (Suse Linux Enterprise Server)
15 SP5 (SUSE Linux Enterprise Server for SAP Applications)
15 SP5 (Suse Linux Enterprise Server)
15 SP5 (Suse Linux Enterprise Desktop)
5.4 (openSUSE Leap Micro)
5.5 (openSUSE Leap Micro)
15 SP4-LTSS (Suse Linux Enterprise Server)
15 SP6 (Suse Linux Enterprise Desktop)
15 SP6 (Suse Linux Enterprise Server)
15 SP6 (SUSE Linux Enterprise Server for SAP Applications)
24.04 LTS (Ubuntu)
15.6 (OpenSUSE Leap)
1.8 (Astra Linux Special Edition)
12 SP5-LTSS (Suse Linux Enterprise Server)
12 SP5 LTSS Extended Security (Suse Linux Enterprise Server)
15 SP5-LTSS (Suse Linux Enterprise Server)
15 SP7 (Suse Linux Enterprise Desktop)
15 SP7 (Suse Linux Enterprise Server)
15 SP7 (SUSE Linux Enterprise Server for SAP Applications)
25.04 (Ubuntu)
13 (Debian GNU/Linux)
16.0 (SUSE Linux Enterprise Server for SAP Applications)
25.10 (Ubuntu)
16.0 (Suse Linux Enterprise Server)
- (Intel Xeon 6 processor with P-Cores)
Тип ПО
Операционная система
Микропрограммный код
Операционные системы и аппаратные платформы
Canonical Ltd. Ubuntu 16.04 LTS
Canonical Ltd. Ubuntu 18.04 LTS
Novell Inc. Suse Linux Enterprise Desktop 12 SP3
Novell Inc. Suse Linux Enterprise Desktop 12 SP4
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4
Novell Inc. OpenSUSE Leap 15.5
Novell Inc. Suse Linux Enterprise Server 12 SP3
Novell Inc. Suse Linux Enterprise Server 12 SP4
Novell Inc. Suse Linux Enterprise Server 11 SP4
Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL
Novell Inc. Suse Linux Enterprise Server 12 SP2-ESPOS
Novell Inc. Suse Linux Enterprise Server 12-LTSS
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP1
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP1
Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP1-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP3-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP3-BCL
Novell Inc. Suse Linux Enterprise Server 12 SP5
Novell Inc. Suse Linux Enterprise Server 11 SP3-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP3-ESPOS
Novell Inc. Suse Linux Enterprise Desktop 12 SP2
Novell Inc. Suse Linux Enterprise Server 12 SP2
Novell Inc. Suse Linux Enterprise Server 15-LTSS
Novell Inc. Suse Linux Enterprise Desktop 12 SP1
Novell Inc. Suse Linux Enterprise Server 12 SP1
Canonical Ltd. Ubuntu 20.04 LTS
Novell Inc. Suse Linux Enterprise Desktop 11 SP4
Novell Inc. Suse Linux Enterprise Server 11 SP3
Novell Inc. Suse Linux Enterprise Desktop 12
Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS
Novell Inc. Suse Linux Enterprise Server 12 SP4-LTSS
Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL
Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS
Novell Inc. Suse Linux Enterprise Desktop 11 SP3
Novell Inc. OpenSUSE Leap 15.3
Novell Inc. Suse Linux Enterprise Server 15 SP1
Сообщество свободного программного обеспечения Debian GNU/Linux 11
Сообщество свободного программного обеспечения Debian GNU/Linux 12
Novell Inc. Suse Linux Enterprise Server 12
Novell Inc. OpenSUSE Leap 15.4
Novell Inc. Suse Linux Enterprise Server 15 SP3
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP3
Novell Inc. Suse Linux Enterprise Desktop 15 SP3
Novell Inc. Suse Linux Enterprise Server 15 SP2
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP2
Novell Inc. Suse Linux Enterprise Server 15 SP4
Novell Inc. Suse Linux Enterprise Desktop 15 SP2
Novell Inc. Suse Linux Enterprise Desktop 15 SP4
Novell Inc. Suse Linux Enterprise Server 15
Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP4
Canonical Ltd. Ubuntu 22.04 LTS
Novell Inc. Suse Linux Enterprise Server 15 SP2-LTSS
Novell Inc. Suse Linux Enterprise Desktop 15 SP1
Novell Inc. Suse Linux Enterprise Desktop 15
Novell Inc. openSUSE Leap Micro 5.2
Novell Inc. openSUSE Leap Micro 5.3
Novell Inc. Suse Linux Enterprise Server 15 SP3-LTSS
Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS-EXTREME-CORE
Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5
Novell Inc. Suse Linux Enterprise Server 15 SP5
Novell Inc. Suse Linux Enterprise Desktop 15 SP5
Novell Inc. openSUSE Leap Micro 5.4
Novell Inc. openSUSE Leap Micro 5.5
Novell Inc. Suse Linux Enterprise Server 15 SP4-LTSS
Novell Inc. Suse Linux Enterprise Desktop 15 SP6
Novell Inc. Suse Linux Enterprise Server 15 SP6
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP6
Canonical Ltd. Ubuntu 24.04 LTS
Novell Inc. OpenSUSE Leap 15.6
ООО «РусБИТех-Астра» Astra Linux Special Edition 1.8
Novell Inc. Suse Linux Enterprise Server 12 SP5-LTSS
Novell Inc. Suse Linux Enterprise Server 12 SP5 LTSS Extended Security
Novell Inc. Suse Linux Enterprise Server 15 SP5-LTSS
Novell Inc. Suse Linux Enterprise Desktop 15 SP7
Novell Inc. Suse Linux Enterprise Server 15 SP7
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP7
Canonical Ltd. Ubuntu 25.04
Сообщество свободного программного обеспечения Debian GNU/Linux 13
Novell Inc. SUSE Linux Enterprise Server for SAP Applications 16.0
Canonical Ltd. Ubuntu 25.10
Novell Inc. Suse Linux Enterprise Server 16.0
Уровень опасности уязвимости
Средний уровень опасности (базовая оценка CVSS 2.0 составляет 5,9)
Высокий уровень опасности (базовая оценка CVSS 3.1 составляет 7,9)
Высокий уровень опасности (оценка CVSS 4.0 составляет 7)
Возможные меры по устранению уязвимости
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для Intel Xeon:
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html
Для Debian:
https://security-tracker.debian.org/tracker/CVE-2025-22889
Для ОС Astra Linux:
обновить пакет intel-microcode до 3.20250812.1.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-1113SE18
Для программных продуктов Ubuntu:
https://ubuntu.com/security/CVE-2025-22889
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2025-22889.html
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Информация об устранении
Уязвимость устранена
Ссылки на источники
Идентификаторы других систем описаний уязвимостей
- CVE
- INTEL-SA-
EPSS
Процентиль: 2%
0.00014
Низкий
7.9 High
CVSS3
5.9 Medium
CVSS2
Связанные уязвимости
CVSS3: 7.9
ubuntu
6 месяцев назад
Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS3: 7.9
nvd
6 месяцев назад
Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS3: 7.9
debian
6 месяцев назад
Improper handling of overlap between protected memory ranges for some ...
CVSS3: 7.9
github
6 месяцев назад
Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
EPSS
Процентиль: 2%
0.00014
Низкий
7.9 High
CVSS3
5.9 Medium
CVSS2