Intel TDX Modules Ring 0 Hypervisor Out-of-Bounds Read Information Disclosure Vulnerability

A vulnerability allowing out-of-bounds read has been identified in some Intel Trust Domain Extensions (TDX) modules prior to version 1.5.24, within Ring 0: Hypervisor. This vulnerability may lead to unauthorized information disclosure. It can be exploited by an authorized adversary with privileged user access, through a low complexity attack, potentially via local access. The exploitation requires no user interaction and can occur without special internal knowledge. The vulnerability impacts the confidentiality of the system, while integrity and availability remain unaffected.

Impact

Exploitation of this vulnerability could result in unauthorized information disclosure, allowing sensitive data to be exposed.

Remediation

Users of affected Intel Xeon processors are advised to update to the latest version provided by their system manufacturer that addresses this vulnerability.