CVE-2025-68313

medium

Description

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly signaling success (CF=1)". Search the web for AMD-SB-7055 for more detail. Add a fix glue which checks microcode revisions. [ bp: Add microcode revisions checking, rewrite. ]

References

https://git.kernel.org/stable/c/e980de2ff109dacb6d9d3a77f01b27c467115ecb

https://git.kernel.org/stable/c/607b9fb2ce248cc5b633c5949e0153838992c152

https://git.kernel.org/stable/c/36ff93e66d0efc46e39fab536a9feec968daa766

Details

Source: Mitre, NVD

Published: 2025-12-16

Updated: 2025-12-18

Risk Information

CVSS v2

Base Score: 5.2

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Severity: Medium

EPSS

EPSS: 0.00017