Potential Denial of Service Vulnerability in Intel TDX Module Software
CVE-2024-21801

7.1HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Tdx Module Software
Vendor: CVE Published:; 14 August 2024

What is CVE-2024-21801?

The vulnerability associated with the Intel TDX module software arises from insufficient control flow management. This issue can potentially allow a privileged user local access to the system, enabling them to create a denial of service condition. Affected versions prior to 1.5.05.46.698 are susceptible, emphasizing the importance of timely updates to ensure robust security. For further details, refer to the advisory at Intel's security center.

Affected Version(s)

Intel(R) TDX module software before version 1.5.05.46.698

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2024
Vulnerability Reserved
Jan 17, 2024