kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

AZL-59785 CVE-2025-21991 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

AZL-59843 CVE-2025-21991 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

CVE-2025-21991

The CVE-2025-21991 issue affects the Linux kernel’s AMD microcode loader for x86. It could trigger an out-of-bounds access when iterating NUMA nodes with empty or CPU-less nodes, potentially accessing cpu_data beyond its bounds during a microcode update. The root cause is that load_microcode_amd(...