Intel Xeon 6 Processor E-Cores Privilege Escalation Vulnerability via TDX or SGX
Vulnerability
A vulnerability exists in some Intel Xeon 6 processors with E-cores, specifically when Intel Trust Domain Extensions (TDX) or Intel Software Guard Extensions (SGX) is in use. Because software interfaces to hardware features are improperly restricted, a privileged user with local access could potentially escalate privileges.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation.
Remediation
Intel has released microcode updates for the affected processors, available in the public Intel Linux Processor Microcode Data Files GitHub repository. On systems using Intel SGX or TDX, the microcode update must be applied through the platform flash, where the firmware locates it via the Firmware Interface Table (FIT) entry point; an update loaded later by the operating system does not satisfy the SGX/TDX requirement. Systems not using SGX or TDX can load the microcode update through the operating system. Additional guidance on loading microcode and performing a TCB recovery for SGX/TDX systems is available on the Intel Developer Zone.
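The remediation above distinguishes three cases: the current microcode is already at or above the fixed revision, the host runs SGX/TDX and needs the update through the platform flash, or the host can take it from the operating system. The triage helper below is an added example, not Intel's tooling; it assumes Linux /proc/cpuinfo formatting with the "sgx" and "tdx_host_platform" feature flags, and the minimum revision is a placeholder to be replaced with the value from Intel's microcode release notes.

```shell
#!/bin/sh
# Constructed sample of the /proc/cpuinfo fields this check reads
# (real hosts: cat /proc/cpuinfo). Model name and revision are placeholders.
SAMPLE_CPUINFO='processor	: 0
model name	: Intel(R) Xeon(R) 6 E-core (placeholder)
microcode	: 0x1000010
flags		: fpu vme de pse sgx sgx_lc tdx_host_platform'

# Placeholder: the fixed revision comes from Intel's microcode release notes.
MIN_MICROCODE=0x1000020

# Print the microcode revision of the first CPU entry as a hex string.
microcode_rev() {
    printf '%s\n' "$1" | awk '/^microcode/ { sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# Return 0 when the named feature flag appears in the flags line.
has_flag() {
    printf '%s\n' "$1" | awk -v f="$2" '
        /^flags/ { sub(/^[^:]*:[ \t]*/, ""); n = split($0, a, /[ \t]+/)
                   for (i = 1; i <= n; i++) if (a[i] == f) found = 1 }
        END { exit !found }'
}

# Decide which remediation path applies: "current", "platform-flash" or "os-load".
remediation_path() {
    cpuinfo=$1
    rev=$(microcode_rev "$cpuinfo")
    if [ "$(( $rev ))" -ge "$(( $MIN_MICROCODE ))" ]; then
        echo current
        return
    fi
    # SGX or TDX in use: the OS loader is not sufficient, the update must be in the platform flash.
    if has_flag "$cpuinfo" sgx || has_flag "$cpuinfo" tdx_host_platform; then
        echo platform-flash
    else
        echo os-load
    fi
}

remediation_path "$SAMPLE_CPUINFO"
```

On a live host, pass "$(cat /proc/cpuinfo)" instead of the constructed sample; the first processor entry is used, which is adequate only when all sockets report the same revision.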
