Intel Xeon 6 SGX/TDX Privilege Escalation Vulnerability (INTEL-SA-01367)

Critical Vulnerability Information Vulnerability Overview Intel ID: INTEL-SA-01367 Impact: Escalation of Privilege Severity Rating: HIGI Original Release Date: July 25, 2023 Last Updated: December 20, 2023 Vulnerability Details CVE-ID: CVE-2023-32903, CVE-2023-32906 Description: On certain Intel Xeon 6 processors, when using Intel SGX or Intel TDX, a single-byte write error in the memory subsystem may allow privileged users to bypass security checks, potentially enabling privilege escalation via local access. CVSS Score: - CVE-2023-32903: Base score 3.1, 7.2 High - CVE-2023-32906: Base score 4.0, 4.5 Medium Affected Products Product Line: Intel Xeon 6 processors Specific Models: - Intel Xeon 6 processors (P-core) Birch Stream - Intel Xeon 6 processors (E-core) Elm Stream Recommended Actions Intel recommends that users of affected Intel Xeon 6 processors update to the latest firmware versions provided by their system manufacturers to address these issues. Related Links Microcode Public GitHub Repository: https://github.com/intel/linux-processor-microcode-data-files Microcode Loading Point: https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/secure-coding/loading-microcode-os.html Intel Trusted Execution Environment Recovery Guide: https://software.intel.com/content/dam/develop/external/us/en/documents/trusted-execution-environment-recovery.pdf

Goal Reached Thanks to every supporter — we hit 100%!

Intel Xeon 6 SGX/TDX Privilege Escalation Vulnerability (INTEL-SA-01367)