Resource management error in Intel products - CVE-2025-20103

Vulnerability identifier: #VU109426

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-20103

CWE-ID: CWE-399

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Intel

Affected software:
12th Generation Intel Core Processors
Intel Pentium Gold Processor Series
Intel Celeron Processors
Intel Core Ultra family
5th Generation Intel Xeon Scalable processors
Intel Xeon W Processors
Intel Xeon E Processors
13th Generation Intel Core Processors
14th Generation Intel Core Processors
Intel Xeon CPU Max Series processors
4th Generation Intel Xeon Scalable Processors
4th Generation Intel Xeon Platinum processors
4th Generation Intel Xeon Gold Processors
4th Generation Intel Xeon Silver Processors
4th Generation Intel Xeon Bronze Processors
Intel Core Ultra 200S Series Processor
5th Generation Intel Xeon Platinum processor
5th Generation Intel Xeon Gold Processor
5th Generation Intel Xeon Silver Processor
5th Generation Intel Xeon Bronze Processor
Intel Core Ultra Processors Series 2

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient resource pool in the core management mechanism for some Intel Processors. A local user can perform a denial of service (DoS) attack.

Install updates from vendor's website.

• https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01244.html