CVE-2025-22047

x86/microcode/AMD: Fix __apply_microcode_amd()'s return value

Description

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagate the failure by returning false (and not -1 which is promoted to true).

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/763f4d638f71cb45235395790a46e9f9e84227fd
https://git.kernel.org/stable/c/ada88219d5315fc13f2910fe278c7112d8d68889
https://git.kernel.org/stable/c/d295c58fad1d5ab987a81f139dd21498732c4f13
https://git.kernel.org/stable/c/7f705a45f130a85fbf31c2abdc999c65644c8307
https://git.kernel.org/stable/c/31ab12df723543047c3fc19cb8f8c4498ec6267f

Frequently Asked Questions

What is the severity of CVE-2025-22047?
CVE-2025-22047 has not yet been assigned a CVSS score.
How to fix CVE-2025-22047?
To fix CVE-2025-22047, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-22047 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-22047 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-22047?
CVE-2025-22047 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.