Analysis Summary

CVE-2024-21801 CVSS:7.1

Intel TDX Module is vulnerable to a denial of service, caused by insufficient control flow management. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-24853 CVSS:7.2

Intel Processors could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM), By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

CVE-2024-25576 CVSS:7.9

Intel Agilex FPGA 7 FPGA firmware could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.

Impact

• Denial of Service
• Gain Access

Indicators of Compromise

CVE

• CVE-2024-21801
• CVE-2024-24853
• CVE-2024-25576

Affected Vendors

Affected Products

• Intel Xeon D Processors
• Intel 10th Generation Intel Core Processor Family
• Intel 3rd Generation Intel Xeon Scalable Processor Family
• Intel 3rd Gen Intel Xeon Scalable Processor Family
• Intel 11th Generation Intel Core Processor Family
• Intel Trust Domain Extensions (Intel® TDX) module software
• Intel 2nd Generation Intel Xeon Scalable processor family
• Intel Agilex FPGA 7 FPGA firmware

Remediation

Refer to INTEL Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-21801

CVE-2024-24853

CVE-2024-25576