PT-2023-9798 · Intel+6 · Intel Tdx+6

Andrey Markovytch

Publicado

2023-11-18

Atualizado

2025-03-26

CVE-2023-47855

CVSS v3.1

6.7

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel TDX versions prior to 1.5.05.46.698

Description The issue is related to improper input validation in some Intel TDX module software, which may allow a privileged user to potentially enable escalation of privilege via local access. This could permit an attacker to increase their privileges.

Recommendations For versions prior to 1.5.05.46.698, update to version 1.5.05.46.698 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2024-8656

ALT-PU-2024-8668

BDU:2024-11259

CVE-2023-47855

OESA-2024-1730

OESA-2024-1731

OESA-2024-1732

OESA-2024-1753

SUSE-SU-2024:1684-1

SUSE-SU-2024:1771-1

SUSE-SU-2025:1032-1

SUSE-SU-2025:20020-1

USN-6797-1

Produtos afetados

Alt Linux

Astra Linux

Intel Tdx

Linuxmint

Red Os

Suse

Ubuntu

PT-2023-9798 · Intel+6 · Intel Tdx+6

CVE-2023-47855

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 89