CVE-2025-0012
Publication date 10 February 2026
Last updated 26 June 2026
Ubuntu priority
Description
Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| amd64-microcode | 26.04 LTS resolute |
Fixed 3.20251202.1ubuntu1
|
| 25.10 questing |
Fixed 3.20251202.1ubuntu0.25.10.1
|
|
| 24.04 LTS noble |
Fixed 3.20251202.1ubuntu0.24.04.1
|
|
| 22.04 LTS jammy |
Vulnerable
|
|
| 20.04 LTS focal |
Vulnerable
|
|
| 18.04 LTS bionic |
Vulnerable
|
|
| 16.04 LTS xenial |
Vulnerable
|
|
| 14.04 LTS trusty | Ignored no real-world users |
Notes
rodrigo-zaiden
This is not planned to be fixed for the amd64-microcode package in Ubuntu 14.04 as that release was already outside of the LTS timeframe when this hardware platform was launched AMD released ucode patches for: AMD EPYC 9005 Series: C1:0x0B002147, Dense B0:0x0B101047. These two patches are included in upstream Version: 2025-07-29: Microcode patches in microcode_amd_fam1ah.bin: Family=0x1a Model=0x02 Stepping=0x01: Patch=0x0b002151 Length=14368 bytes Family=0x1a Model=0x11 Stepping=0x00: Patch=0x0b10104e Length=14368 bytes
Severity score breakdown
CVSS version: CVSS v4.0
Base score
6.8 · Medium
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N