In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.
Information Disclosure
Linux
Linux Kernel
NVD
CVSS 3.1
3.3
EPSS
0.2%
{to,from}_user() do not call access_ok(), so this code allowed. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.
Information Disclosure
Linux
Linux Kernel
NVD
CVSS 3.1
3.3
EPSS
0.2%