Researchers from Google Project Zero have analyzed eighty-one potential attack vectors and confirmed ten vulnerabilities in Intel Trust Domain Extensions (TDX) after a nine-month audit process.
TDX is a type of ‘confidential computing’ technology built to provide security for sensitive data while processing it in a hardware-isolated environment. It offers several new features, including full virtual machine compute models, without requiring any code changes.
Google experts inspected the TDX firmware for several issues, including those related to arbitrary code execution, safe error handling and state management, and denial of service. Intel remediated all the issues identified by Google.
Intel addressed nine of the discovered issues by changing the TDX code, while the tenth flaw required changes to the guide for writing a BIOS to support TDX.
These flaws were not assigned CVE identifiers, but Intel internally assigned CVSS v3.1 scores to them.
The gravest issue discovered by the researchers was the Exit Path Interrupt Hijacking when returning from ACM mode. The issue received a CVSS score of 9.3; an attacker can trigger it to achieve arbitrary code execution in the privileged ACM execution mode. These issues were mitigated before the production release of the 4th gen Intel Xeon Scalable processors.
Two of the identified vulnerabilities were memory safety issues, with logical bugs representing the most common type of identified flaws.
Google and Intel conducted the review via shared issue trackers and regular collaboration. This allowed Intel to provide deep technical information about the function of the Intel TDX components and enabled the reviewers to resolve potential ambiguities in documentation and source code.