PT-2023-9798 · Intel+6 · Intel Tdx+6

Andrey Markovytch

Published

2023-11-18

Updated

2025-03-26

CVE-2023-47855

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel TDX versions prior to 1.5.05.46.698

Description The issue is related to improper input validation in some Intel TDX module software, which may allow a privileged user to potentially enable escalation of privilege via local access. This could permit an attacker to increase their privileges.

Recommendations For versions prior to 1.5.05.46.698, update to version 1.5.05.46.698 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALT-PU-2024-8656

ALT-PU-2024-8668

BDU:2024-11259

CVE-2023-47855

OESA-2024-1730

OESA-2024-1731

OESA-2024-1732

OESA-2024-1753

SUSE-SU-2024:1684-1

SUSE-SU-2024:1771-1

SUSE-SU-2025:1032-1

SUSE-SU-2025:20020-1

USN-6797-1

Affected Products

Alt Linux

Astra Linux

Intel Tdx

Linuxmint

Red Os

Suse

Ubuntu

PT-2023-9798 · Intel+6 · Intel Tdx+6

CVE-2023-47855

Weakness Enumeration

Related Identifiers

Affected Products

References · 89