Intel® TDX Module Vulnerability Advisory (INTEL-SA-01397) Summary Potential security vulnerabilities for some Intel® TDX modules may allow information disclosure, escalation of privilege, or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities with a severity rating of HIGH. Vulnerability Details CVE-2025-30513 Description: Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. CVSS 4.0: 8.4 High CVSS 3.1: 7.9 High CVE-2025-31944 Description: Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. CVSS 4.0: 5.6 Medium CVSS 3.1: 5.3 Medium CVE-2025-32007 Description: Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. CVSS 4.0: 5.6 Medium CVSS 3.1: 4.4 Medium CVE-2025-32467 Description: Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. CVSS 4.0: 5.6 Medium CVSS 3.1: 4.1 Medium CVE-2025-27572 Description: Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. CVSS 4.0: 5.6 Medium CVSS 3.1: 4.1 Medium CVE-2025-27940 Description: Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. CVSS 4.0: 5.6 Medium CVSS 3.1: 4.1 Medium Affected Products Recommendation Intel recommends that users of Intel® Xeon® Processors update to the latest version provided by the system manufacturer that addresses these issues. Acknowledgements CVE-2025-31944 was found by Intel employees. Intel would like to thank Reinette Chatre. CVE-2025-32007, CVE-2025-27940, CVE-2025-30513, CVE-2025-27572 and CVE-2025-32467 were found externally. Intel would like to thank Kirk Swidowski, Josh Eads, Daniel Moghimi, Erdem Aktas from Google for reporting these issues.