CVE-2025-22047

Summary

In the Linux kernel, the following vulnerability has been resolved:

x86/microcode/AMD: Fix __apply_microcode_amd()'s return value

When verify_sha256_digest() fails, __apply_microcode_amd() should propagate the failure by returning false (and not -1 which is promoted to true).

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbef830144febedb7de86863ae99d8f53bed76e95 < 763f4d638f71cb45235395790a46e9f9e84227fdaffected
LinuxLinux3e8653e399e7111a3e87d534ff4533b250ae574f < ada88219d5315fc13f2910fe278c7112d8d68889affected
LinuxLinuxc162ba4f45ab6ef3b7114af6fb419f1833f050c0 < d295c58fad1d5ab987a81f139dd21498732c4f13affected
LinuxLinux50cef76d5cb0e199cda19f026842560f6eedc4f7 < 7f705a45f130a85fbf31c2abdc999c65644c8307affected
LinuxLinux50cef76d5cb0e199cda19f026842560f6eedc4f7 < 31ab12df723543047c3fc19cb8f8c4498ec6267faffected
LinuxLinux6.6.81 < 6.6.87affected
LinuxLinux6.12.18 < 6.12.23affected
LinuxLinux6.13.6 < 6.13.11affected
LinuxLinux6.14affected
LinuxLinux0 < 6.14unaffected
LinuxLinux6.6.87 <= 6.6.*unaffected
LinuxLinux6.12.23 <= 6.12.*unaffected
LinuxLinux6.13.11 <= 6.13.*unaffected
LinuxLinux6.14.2 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References