74 matches found
Astra Linux - уязвимость в intel-microcode
Out-of-bounds write in the memory subsystem for some IntelR XeonR 6 processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2026-31561
In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Remove X86CR4FRED from the CR4 pinned bits mask Commit in Fixes added the FRED CR4 bit to the CR4 pinned bits mask so that whenever something else modifies CR4, that bit remains set. Which in itself is a perfectly fine...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011378)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011378 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and...
kernel: x86/tdx: Fix "in-kernel MMIO" check
A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...
kernel: x86/tdx: Fix "in-kernel MMIO" check
A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...
Security Assessment of Intel TDX with Support for Live Migration
In the second and third quarters of 2025, Google collaborated with Intel to conduct a security assessment of Intel Trust Domain Extensions TDX, extending Google's previous review and covering major changes since Intel TDX Module 1.0 - namely support for Live Migration and Trusted Domain TD...
CVE-2025-27572
Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...
CVE-2025-32007
The CVE describes an out-of-bounds read in some Intel TDX prior to tdx module 1.5.24, within the Ring 0 Hypervisor. It may allow an information disclosure. An authorized adversary with privileged user access, using a low-complexity local attack with no user interaction, could exploit this to expo...
CVE-2025-27940
Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...
Intel Trust Domain Extensions 缓冲区错误漏洞
Intel Trust Domain Extensions is a confidential virtualization solution developed by Intel Corporation in the United States. It aims to isolate confidential virtual machines from non-confidential domain software stacks, including hypervisors, VMMs, and other non-trusted domain software stacks. Th...
Intel Trust Domain Extensions 竞争条件问题漏洞
Intel Trust Domain Extensions is a confidential virtualization solution developed by Intel Corporation in the United States. It aims to isolate confidential virtual machines from non-confidential domain software stacks including hypervisors, VMMs, and other non-trusted domain software stacks,...
Intel Trust Domain Extensions 安全漏洞
Intel Trust Domain Extensions is a confidential virtualization solution developed by Intel Corporation in the United States. It aims to isolate confidential virtual machines from non-confidential domain software stacks including hypervisors, VMMs, and other non-trusted domain software stacks,...
2026.1 IPU, Intel® Trust Domain Extensions (Intel® TDX) module Advisory
Summary: Potential security vulnerabilities for some Intel® TDX modules may allow information disclosure, escalation of privilege, or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-30513 Description: Race...
Intel Trust Domain Extensions 缓冲区错误漏洞
Intel Trust Domain Extensions is a confidential virtualization solution developed by Intel Corporation in the United States. It aims to isolate confidential virtual machines from non-confidential domain software stacks including hypervisors, VMMs, and other non-trusted domain software stacks,...
Intel Trust Domain Extensions 缓冲区错误漏洞
Intel Trust Domain Extensions is a confidential virtualization solution developed by Intel Corporation in the United States. It aims to isolate confidential virtual machines from non-confidential domain software stacks including hypervisors, VMMs, and other non-trusted domain software stacks,...
2025.4 IPU, Intel® TDX Module Advisory
Summary: A potential security vulnerability for the Intel® Trust Domain Extensions Intel® TDX module may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-22885 Description: Improper buffer...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC via a forc...
SUSE CVE-2022-50720
In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and Extended APIC or x2APIC. X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped APIC interface in favor...
Linux Distros Unpatched Vulnerability : CVE-2025-40181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory...
CVE-2025-40181
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC via a forc...