CVE-2025-21090
Published: August 14, 2025Last modified: August 25, 2025
Description
Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | CHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | intel-ucode | Fixed (20250812-r0) |
| 25 LTS | intel-ucode | Fixed (20250812-r0) | |
| Stream | intel-ucode | Fixed (20250812-r0) |