Barak Gross discovered that some Intel® Xeon® processors with SGX enabled did not properly handle buffer restrictions. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-20053) Avinash Maddy discovered that some Intel® processors did not properly isolate or compartmentalize the stream cache mechanisms. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-20109) Joseph Nuzman discovered that some Intel® Xeon® processors did not properly manage references to active allocate resources. A local authenticated user could potentially use this issue to cause a denial of service (system crash). (CVE-2025-21090) It was discovered that some Intel® Xeon® 6 processors did not properly provide sufficient granularity of access control in the out of band management service module (OOB-MSM). An authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22839) It was discovered that some Intel® Xeon® 6 Scalable processors did not properly handle a specific sequence of processor instructions, leading to unexpected behavior. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22840) Joseph Nuzman discovered that some Intel® Xeon® 6 processors with Intel® Trust Domain Extensions (Intel® TDX) did not properly handle overlap between protected memory ranges. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-22889) Avraham Shalev discovered that some Intel® Xeon® processors did not properly provide sufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-24305) Aviv Eisen and Avraham Shalev discovered that some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX did not properly protect against out-of-bounds writes in the memory subsystem. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-26403) Aviv Eisen and Avraham Shalev discovered that some Intel® Xeon® 6 processors when using Intel® SGX or Intel® TDX did not properly implement security checks in the DDRIO configuration. A local authenticated user could potentially use this issue to escalate their privileges. (CVE-2025-32086)
Continue reading...
Continue reading...
