Astra Linux - уязвимость в intel-microcode

Improper input validation in some IntelR TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-22885

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack...

CVE-2025-31944

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack...

CVE-2025-30513

Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements...

CVE-2025-27940

Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-31944

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack...

CVE-2025-30513

Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements...

CVE-2025-22885

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack...

CVE-2025-32467

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-31944

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack...

CVE-2025-31944

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack...

CVE-2025-31944

CVE-2025-31944 concerns a race condition in certain Intel TDX Module implementations prior to tdx1.5, within Ring 0 hypervisor code. The issue may allow a denial of service when a privileged local attacker with high complexity performs a deliberate race condition under local access, with no user ...

CVE-2025-30513

CVE-2025-30513 describes a race condition in a TDX Module operating in Ring 0 that may enable local privilege escalation. The vulnerability could impact confidentiality and integrity (high) with no availability impact, via a local attack requiring high privileges and no user interaction, and with...

CVE-2025-30513

Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements...

CVE-2025-27940

Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-22885

CVE-2025-22885 concerns firmware for the TDX Module with an improper buffer restriction that may enable privilege escalation. The issue is exploitable locally by a system software adversary who already has privileged user access, under high attack complexity and with no user interaction required....

CVE-2025-22885

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack...

PT-2026-7301

Name of the Vulnerable Software and Affected Versions TDX Module versions prior to tdx1.5 Description A race condition exists within the hypervisor in Ring 0 for some TDX Module versions prior to tdx1.5, potentially leading to a denial of service. An authorized adversary with privileged user...

CVE-2024-39283

Incomplete filtering of special elements in IntelR TDX module software before version TDX1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access...

EUVD-2024-19413

Malicious code in bioql PyPI...