PT-2026-7296 · Intel · Tdx Module
Published
2026-02-10
·
Updated
2026-02-11
·
CVE-2025-27940
CVSS v3.1
4.1
Medium
| Vector | AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TDX Module versions prior to tdx1.5
Description
An out-of-bounds read issue exists within the hypervisor in some TDX Module versions prior to tdx1.5 when operating in Ring 0. A software side channel adversary with a privileged user, combined with a high complexity attack, may enable data exposure. This may occur via local access when attack requirements are present, without requiring special internal knowledge or user interaction. The issue may potentially impact the confidentiality of the vulnerable system.
Recommendations
Update to TDX Module version tdx1.5 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tdx Module