CVE-2025-22889

CVSS 7 HIGHEPSS 0.1%CWE-1260

In short

Intel Xeon 6 processors with TDX have a flaw in how they manage protected memory areas, allowing a privileged user on the system to gain even higher privileges through a local attack.

Technical detail

CWE-1260 involves improper handling of overlapping protected memory ranges in Intel Xeon 6 TDX implementations. A privileged user with local access can exploit this memory management vulnerability to escalate privileges, potentially gaining control over the entire system.

Summary generated and translated by AI from the official description.

Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected products

n/a · Intel(R) Xeon(R) 6 processor with Intel(R) TDX

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html https://lists.debian.org/debian-lts-announce/2025/10/msg00027.html