ALAS2023-2025-1189

References: CVE-2024-28956  CVE-2024-45332  CVE-2025-20054  CVE-2025-20103  CVE-2025-20109 
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A potential security vulnerability in some Intel(r) Processors may allow information disclosure. Intel is releasing microcode updates and prescriptive guidance to mitigate this potential vulnerability.

Info: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html (CVE-2024-28956)

Potential security vulnerabilities in some Intel(r) Processor indirect branch predictors may allow information disclosure. Intel is releasing microcode updates to mitigate these potential vulnerabilities.

Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html (CVE-2024-45332)

Potential security vulnerabilities in some Intel(r) Processors may allow denial of service. Intel is releasing microcode updates to mitigate these potential vulnerabilities.

Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html (CVE-2025-20054)

Potential security vulnerabilities in some Intel(r) Processors may allow denial of service. Intel is releasing microcode updates to mitigate these potential vulnerabilities.

Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html (CVE-2025-20103)

Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2025-20109)

Issue Correction:
Run dnf update microcode_ctl --releasever 2023.8.20250915 or dnf update --advisory ALAS2023-2025-1189 --releasever 2023.8.20250915 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation

New Packages:

src:
    microcode_ctl-2.1-53.amzn2023.0.12.src

x86_64:
    microcode_ctl-2.1-53.amzn2023.0.12.x86_64