CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
In the Linux kernel, the following vulnerability has been resolved:
x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
Currently, load_microcode_amd() iterates over all NUMA nodes, retrieves their
CPU masks and unconditionally accesses per-CPU data for the first CPU of each
mask.
According to Documentation/admin-guide/mm/numaperf.rst:
"Some memory may share the same node as a CPU, and others are provided as
memory only nodes."
Therefore, some node CPU masks may be empty and wouldn't have a "first CPU".
On a machine with far memory (and therefore CPU-less NUMA nodes):
- cpumask_of_node(nid) is 0
- cpumask_first(0) is CONFIG_NR_CPUS
- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an
index that is 1 out of bounds
This does not have any security implications since flashing microcode is
a privileged operation but I believe this has reliability implications by
potentially corrupting memory while flashing a microcode update.
When booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes
a microcode update. I get the following splat:
UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y
index 512 is out of range for type 'unsigned long[512]'
[...]
Call Trace:
dump_stack
__ubsan_handle_out_of_bounds
load_microcode_amd
request_microcode_amd
reload_store
kernfs_fop_write_iter
vfs_write
ksys_write
do_syscall_64
entry_SYSCALL_64_after_hwframe
Change the loop to go over only NUMA nodes which have CPUs before determining
whether the first CPU on the respective node needs microcode update.
[ bp: Massage commit message, fix typo. ]
Security readout for executives and security teams
Plain-English summary
CVE-2025-21991 is a Linux kernel AMD microcode update bug. On AMD systems with CPU-less NUMA memory nodes, the kernel can read one entry past a CPU data array during microcode loading. The source states this is mainly a reliability risk, not a direct security issue, because microcode flashing is privileged.
Executive priority
Handle through the normal high-priority kernel patch process, with faster attention for AMD servers using advanced NUMA or far-memory configurations. There is no source-supported evidence of active exploitation, but kernel memory corruption during maintenance operations can create operational risk.
Technical view
The AMD microcode loader iterated all NUMA nodes and assumed each node had at least one CPU. For CPU-less NUMA nodes, cpumask_first() can return CONFIG_NR_CPUS, causing cpu_data(CONFIG_NR_CPUS) to access beyond the per-CPU array. The fix limits the loop to NUMA nodes that have CPUs.
Likely exposure
Exposure is likely limited to Linux systems on AMD hardware with CPU-less NUMA nodes, such as far-memory configurations, when AMD microcode update loading is used. The affected version data in the bundle includes multiple Linux stable branches; distribution kernel backports must be checked separately.
Exploitation context
The bundle reports no KEV listing and provides no evidence of active exploitation. The kernel description says microcode flashing is privileged and frames the issue as reliability-focused memory corruption during a microcode update path, not a practical remote attack vector.
Researcher notes
The key condition is an empty CPU mask for a NUMA node during load_microcode_amd(). The source bundle’s CVSS is high, but the upstream text explicitly says there are no security implications because microcode flashing is privileged. Treat exploitability evidence as incomplete and validate against vendor kernels.
Mitigation direction
Update affected Linux kernels to vendor-supported fixed builds.
Check Linux distribution advisories for backported fixes.
Prioritize AMD NUMA or far-memory systems using microcode updates.
Avoid direct wrangler-style deploy assumptions; follow vendor kernel update guidance.
Monitor Debian LTS and kernel stable advisories for package status.
Validation and detection
Inventory AMD Linux hosts and kernel versions.
Identify systems with NUMA nodes that have memory but no CPUs.
Confirm installed kernel includes the relevant stable fix.
Review boot or update logs for UBSAN out-of-bounds reports.
Verify distribution package advisories mark the kernel fixed.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-129: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
1CVSS vectors
3Timeline events
2ADP providers
11Source links
SSVC decision data
CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: total
CVSS vector scores
1 official score
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-129 · source CWE mapping
Improper Validation of Array Index
Improper Validation of Array Index represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.