PT-2025-14488 · Linux+11 · Linux Kernel+11
Published: 2025-03-10 · Updated: 2026-04-20
CVE-2025-21991
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is an out-of-bounds access in the Linux kernel on systems with CPU-less NUMA nodes. The `load_microcode_amd()` function iterates over all NUMA nodes and attempts to access per-CPU data for the first CPU of each node's mask, even if the node has no CPUs. This can potentially corrupt memory while flashing a microcode update. The error is triggered when booting with `CONFIG_UBSAN_BOUNDS=y` on an AMD machine that flashes a microcode update, and is reported as an array-index-out-of-bounds error.
Recommendations
To resolve the issue, change the loop in the `load_microcode_amd()` function to iterate only over NUMA nodes that have CPUs before determining whether the first CPU on the respective node needs a microcode update.
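The loop pattern from the description next to the recommended one, as an added userspace model (not kernel code and not part of the original advisory). The topology, array names and function names are constructed for illustration, and the out-of-range access is counted rather than performed.

```c
#include <stdio.h>

#define NR_CPUS  4   /* constructed topology: 4 CPUs */
#define NR_NODES 3   /* 3 NUMA nodes, node 1 is memory-only */

/* Constructed per-node CPU bitmasks: node 0 = CPUs 0-1, node 1 = none, node 2 = CPUs 2-3. */
static const unsigned node_cpumask[NR_NODES] = { 0x3, 0x0, 0xC };
/* Hypothetical stand-in for the per-CPU data the loop reads. */
static const int cpu_needs_update[NR_CPUS] = { 1, 1, 1, 1 };

/* Models a "first CPU in mask" helper: an empty mask yields NR_CPUS,
 * which is one past the last valid per-CPU index. */
static int first_cpu(unsigned mask)
{
    for (int cpu = 0; cpu < NR_CPUS; cpu++)
        if (mask & (1u << cpu))
            return cpu;
    return NR_CPUS;
}

/* Pattern from the description: every node is visited. Returns how many
 * out-of-range indexes the loop produced (counted here, not dereferenced). */
static int walk_all_nodes(void)
{
    int oob = 0;
    for (int nid = 0; nid < NR_NODES; nid++)
        if (first_cpu(node_cpumask[nid]) >= NR_CPUS)
            oob++;              /* the affected loop would index per-CPU data here */
    return oob;
}

/* Recommended pattern: skip CPU-less nodes before looking up the first CPU.
 * Returns the number of nodes whose first CPU was checked; *oob stays 0. */
static int walk_nodes_with_cpus(int *oob)
{
    int checked = 0;
    *oob = 0;
    for (int nid = 0; nid < NR_NODES; nid++) {
        if (node_cpumask[nid] == 0)
            continue;           /* node has no CPUs: nothing to update */
        int cpu = first_cpu(node_cpumask[nid]);
        if (cpu >= NR_CPUS) (*oob)++;
        else if (cpu_needs_update[cpu]) checked++;
    }
    return checked;
}

int main(void)
{
    int oob;
    printf("all nodes: %d out-of-range index(es)\n", walk_all_nodes());
    printf("nodes with CPUs: %d checked, ", walk_nodes_with_cpus(&oob));
    printf("%d out-of-range\n", oob);
    return 0;
}
```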
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Improper Validation of Array Index
Memory Corruption
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu