Intel Family Security Update Advisory
Overview
We have released a security update to fix vulnerabilities in the Intel family of products. Users of affected products are advised to update to the latest version.
Affected Products
CVE-2025-20053, CVE-2025-24305
5th Gen Intel® Xeon® Scalable Processors
4th Gen Intel® Xeon® Scalable processors
Intel® Xeon® 6 processor family
Intel® Xeon® 6 processor with E-cores
CVE-2025-20074
Intel® Connectivity Performance Suite software version: less than 40.24.11210
CVE-2025-20093, CVE-2025-22836, CVE-2025-22893, CVE-2025-23241, CVE-2025-24303, CVE-2025-24325, CVE-2025-24484
Intel® 800 Series Ethernet Linux kernel-mode drivers version: less than 1.17.2
CVE-2025-20109
12th Generation Intel® Core™ Processor Family
Intel® Pentium® Gold Processor Family
Intel® Celeron® Processor Family
13th Generation Intel® Core™ Processor Family
14th Generation Intel® Core™ Processor Family
13th Generation Intel® Core™ i9 Processors
Intel® Core™ i9 processor 14900HX
Intel® Core™ processors (Series 1)
Intel® Core™ processors (Series 2)
Intel® Core™ Processor U-series
Intel® Core™ 9
Intel® Core™ i9 processor 13900
Intel® Core™ i9 processor 13900E
Intel® Core™ i9 processor 14900
Intel® Core™ i9 processor 14901E
Intel® Core™ i7 processor 14700
Intel® Core™ i7 processor 14701E
Intel® Xeon® E processor family
Intel® Core™ Ultra Processors (Series 1)
Intel® Core™ Ultra Processors (Series 2)
4th Generation Intel® Xeon® Scalable processor
4th Generation Intel® Xeon® Platinum processor
4th Generation Intel® Xeon® Gold Processor
4th Generation Intel® Xeon® Silver Processor
4th Generation Intel® Xeon® Bronze Processor
Intel® Xeon® CPU Max Series processor (High Bandwidth Memory HBM)
4th Generation Intel® Xeon® Edge Enhanced Processor
4th Gen Intel® Xeon® Scalable Processors with Intel® vRAN
Intel® Xeon® W2400 and W3400 Processor
5th Gen Intel® Xeon® Scalable Processor
5th Generation Intel® Xeon® Platinum processor
5th Generation Intel® Xeon® Gold Processor
5th Generation Intel® Xeon® Silver Processor
5th Generation Intel® Xeon® Bronze Processor
5th Gen Intel® Xeon® Processor
CVE-2025-20625
Intel® Wi-Fi 6E AX211 (GfP2), Intel® Wi-Fi 7 BE200 (GaP2 Discrete), Intel® Wi-Fi 7 BE201 (FmP2), Intel® Wi-Fi 7 BE202 (MtP2) for Windows Version: 23.110.0.5 and below
CVE-2025-22839
Intel® Xeon® 6 processor with P-Cores
Intel® Xeon® 6 processors
CVE-2025-22889
Intel® Xeon® 6 processor with P-cores
CVE-2025-24323
Intel® PCIe Switch software version: MR4_1.0b1 or lower
Cve-2025-24486, cve-2025-25273
Intel® 700 Series Ethernet Linux kernel-mode drivers version: less than 2.28.5
Resolved Vulnerabilities
Privilege escalation vulnerability due to improper buffer limits in Intel® Xeon® Processor (SGX enabled) (CVE-2025-20053)
Privilege escalation vulnerability due to insufficient control flow management in Intel® Xeon® Processor ACTM firmware (CVE-2025-24305)
Privilege escalation vulnerability due to a checkpoint-time-of-use race condition in Intel® Connectivity Performance Suite software Installer (CVE-2025-20074)
Elevation of privilege vulnerability due to improper checking for abnormal or exceptional conditions in the Intel® 800 Series Ethernet Linux kernel-mode driver (CVE-2025-20093)
Elevation of privilege vulnerability due to integer overflow or wrapping in the Intel® 800 Series Ethernet Linux kernel-mode driver (CVE-2025-22836)
Privilege escalation vulnerability due to insufficient control flow management in the Intel® 800 Series Ethernet Linux kernel-mode driver (CVE-2025-22893)
Denial of service vulnerability due to integer overflow or wrapping in the Intel® 800 Series Ethernet Linux kernel-mode driver (CVE-2025-23241)
Elevation of privilege vulnerability due to improper checking for abnormal or exceptional conditions in the Intel® 800 Series Ethernet Linux kernel-mode driver (CVE-2025-24303)
Privilege escalation vulnerability due to improper input validation in the Intel® 800 Series Ethernet Linux kernel-mode driver (CVE-2025-24325)
Privilege escalation vulnerability due to improper input validation in the Intel® 800 Series Ethernet Linux kernel-mode driver (CVE-2025-24484)
Privilege escalation vulnerability due to improper isolation or compartmentalization of the stream cache mechanism in Intel® Processors (CVE-2025-20109)
Denial of Service Vulnerability due to improper condition checking in Intel® PROSet/Wireless WiFi Software (CVE-2025-20625)
Privilege Escalation Vulnerability due to Insufficient Access Control Granularity in Intel® Xeon® 6 Scalable processors OOB-MSM (CVE-2025-22839)
Privilege escalation vulnerability due to improper handling of nesting between protected memory ranges in Intel® Xeon® 6 Processors (CVE-2025-22889)
Privilege escalation vulnerability due to improper access control in the Intel® PCIe Switch software firmware package and LED mode toggle tool (CVE-2025-24323)
Privilege escalation vulnerability due to improper input validation in the Intel® 700 Series Ethernet Linux kernel-mode driver (CVE-2025-24486)
Elevation of privilege vulnerability due to insufficient control flow management in the Intel® 700 Series Ethernet Linux kernel-mode driver (CVE-2025-25273)
Vulnerability Patches
Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2025-20053, CVE-2025-24305
See recommendations on the Referenced Sites[1]
CVE-2025-20074
Intel® Connectivity Performance Suite software version: 40.24.11210 or later
CVE-2025-20093,CVE-2025-22836, CVE-2025-22893, CVE-2025-23241, CVE-2025-24303, CVE-2025-24325, CVE-2025-24484
Intel® 800 Series Ethernet Linux kernel-mode drivers version: 1.17.2 or later
Intel® Ethernet Adapter Complete Driver Pack version version: 30.0.1 or later
CVE-2025-20109
See recommendations in the reference site [4]
CVE-2025-20625
Intel® Wi-Fi 6E AX211 (GfP2), Intel® Wi-Fi 7 BE200 (GaP2 Discrete), Intel® Wi-Fi 7 BE201 (FmP2), Intel® Wi-Fi 7 BE202 (MtP2) for Windows versions: 23.110.0.5 and later
CVE-2025-22839
See recommendations in the reference site [6]
CVE-2025-22889
See recommendations in reference [7]
CVE-2025-24323
*the product has been discontinued and we recommend that you uninstall or discontinue use of the software as soon as possible.
for more information, see the reference [8]
CVE-2025-24486, CVE-2025-25273
Intel® 700 Series Ethernet Linux kernel-mode drivers version: 2.28.5 or later
References
[1] 2025.3 IPU, Intel® Xeon® Processor Firmware Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
[2] Intel® Connectivity Performance Suite Software Installer Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01286.html
[3] Intel® 800 Series Ethernet Driver Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html
[4] 2025.2 IPU, Intel® Processor Stream Cache Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html
[5] Intel® PROSet/Wireless WiFi Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01292.html
[6] Intel® OOBM Services Module Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html
[7] Intel® Xeon® 6 Processor with Intel® TDX Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html
[8] Intel® PCIe Switch Software Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01339.html
[9] Intel® Ethernet Drivers for Linux Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html