Linux · Linux Kernel · CVE-2024-25744
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.7
**Description**
An untrusted VMM can trigger int80 syscall handling at any given point in the Linux kernel. This issue is related to the files `arch/x86/coco/tdx/tdx.c` and `arch/x86/mm/mem_encrypt_amd.c`, specifically affecting 32-bit emulation for TDX and SEV. The vulnerability opens the guest OS to manipulation from the VMM side.
**Recommendations**
For Linux kernel versions prior to 6.6.7, update to version 6.6.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `int80` syscall handling mechanism until a patch is available. Additionally, restricting the use of 32-bit emulation for TDX and SEV may help minimize the risk of exploitation.
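
The version and 32-bit emulation checks above can be scripted for triage of guest images. This is an added example, not part of the original advisory: it assumes `CONFIG_IA32_EMULATION` is the kernel config option behind the 32-bit emulation mentioned here, and the function names, verdict strings and sample inputs are constructed.

```shell
#!/bin/sh
# Added example: triage of TDX/SEV guest kernels for CVE-2024-25744.
# Function names, verdict strings and sample inputs are constructed.

FIXED=6006007   # 6.6.7 encoded as major*1000000 + minor*1000 + patch

# Return 0 if the release string is prior to 6.6.7, 1 if not, 2 if unparsable.
# Caveat: a vendor kernel may carry a backported fix under an older number.
kernel_before_fix() {
    ver=${1%%[!0-9.]*}                      # "6.6.7-200.fc39" -> "6.6.7"
    case $ver in ''|.*|*..*) return 2 ;; esac
    old_ifs=$IFS; IFS=.; set -- $ver; IFS=$old_ifs
    [ $(( $1 * 1000000 + ${2:-0} * 1000 + ${3:-0} )) -lt "$FIXED" ]
}

# Return 0 if the given kernel config file enables 32-bit (int80) emulation.
ia32_emulation_enabled() {
    grep -q '^CONFIG_IA32_EMULATION=y$' "$1"
}

# Print a verdict for one guest: release string plus path to its kernel config.
assess() {
    rc=0; kernel_before_fix "$1" || rc=$?
    if [ "$rc" -eq 2 ]; then echo "unknown-version"
    elif [ "$rc" -eq 1 ]; then echo "fixed-version"
    elif [ ! -r "$2" ]; then echo "vulnerable-version,ia32-unknown"
    elif ia32_emulation_enabled "$2"; then echo "vulnerable-version,ia32-on"
    else echo "vulnerable-version,ia32-off"
    fi
}

# Constructed inventory: release string and which sample config the image uses.
tmp=$(mktemp -d)
printf 'CONFIG_X86_64=y\nCONFIG_IA32_EMULATION=y\n' > "$tmp/on.config"
printf 'CONFIG_X86_64=y\n# CONFIG_IA32_EMULATION is not set\n' > "$tmp/off.config"
for item in 6.5.13-generic:on 6.6.6:off 6.6.7-200.fc39.x86_64:on 6.7.0-rc3:on; do
    echo "${item%%:*} -> $(assess "${item%%:*}" "$tmp/${item##*:}.config")"
done
rm -rf "$tmp"
```

On a running guest, `assess "$(uname -r)" "/boot/config-$(uname -r)"` applies the same check where the distribution installs its kernel config at that path.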