Intel TDX Modules Ring 0 Hypervisor Out-of-Bounds Read Information Disclosure Vulnerability

A vulnerability allowing out-of-bounds read has been identified in some Intel Trust Domain Extensions (TDX) modules prior to version 1.5. This vulnerability exists within Ring 0: Hypervisor, and may lead to unauthorized information disclosure. The issue can be exploited by a software side channel adversary with privileged user access, under high complexity attack conditions, potentially allowing data exposure. The vulnerability requires local access, no special internal knowledge, and no user interaction.

Impact

Exploitation of this vulnerability could result in unauthorized information disclosure, allowing sensitive data to be exposed.

Remediation

Intel recommends that users of affected Intel Xeon processors update to the latest version provided by their system manufacturer that addresses this vulnerability.