Primary

Context

Linux Kernel SGX Poisoned Page Reclamation Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of Intel Software Guard Extensions (SGX) can lead to system instability. When SGX pages are poisoned due to memory errors, the current reclamation process does not account for this, potentially causing a poisoned page to be reclaimed and added to another enclave. This oversight can trigger a machine check exception, shutting down the core and causing the kernel to panic. The vulnerability arises because the SGX reclamation logic fails to check for poisoned pages before reclaiming them, despite the pages being marked as such after a memory error.

Impact

Reclaiming poisoned SGX pages can cause a core to shut down and the kernel to panic, disrupting system stability.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been resolved.

Added: Jul 10, 2025, 11:08 AM

Updated: Jul 10, 2025, 11:08 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.3

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SGX Poisoned Page Reclamation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating