CVE-2025-52536

Publication date 10 February 2026

Last updated 26 June 2026

Ubuntu priority

Medium

Why this priority?

Description

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.

Read the notes from the security team

Status

Package Ubuntu Release Status
amd64-microcode 26.04 LTS resolute
Vulnerable
25.10 questing
Vulnerable
24.04 LTS noble
Vulnerable
22.04 LTS jammy
Not affected
20.04 LTS focal
Not affected
18.04 LTS bionic
Not affected
16.04 LTS xenial
Not affected
14.04 LTS trusty
Not affected

Notes

rodrigo-zaiden

affects SEV FW, supported in microcode package starting from noble AMD advisory mentions SEV release in: Milan (fam 19h model 01h): SEV FW 1.37.1F (1.55.31) Genoa (fam 19h model 11h): SEV FW 1.37.2B (1.55.43) Turin (fam 1a model 02h): SEV FW 1.37.3D (1.55.61) Upstream including these versions is found in commit 13786e87: Update AMD SEV firmware to version 1.58 build 1 for AMD family 19h processors with models in the range 00h to 0fh. Update AMD SEV firmware to version 1.58 build 1 for AMD family 19h processors with models in the range 10h to 1fh. Update AMD SEV firmware to version 1.58 build 3 for AMD family 1ah processors with models in the range 00h to 0fh.

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
amd64-microcode

Severity score breakdown

CVSS version: CVSS v4.0

Base score 6.7 · Medium

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

References

Other references

Access our resources on patching vulnerabilities