Intel says Google engineers spotted Xeon vulnerabilities

Network World [Unofficial] February 12, 2026
Intel said it was able to identify five vulnerabilities in one of the most important confidential computing elements of its Xeon CPUs with help from Google’s cloud security team. The work was part of a five-month joint security review between Intel’s INT31 team (Intel’s offensive security research) and Google’s Cloud Security team. The partnership identified five vulnerabilities and 35 less critical weaknesses, bugs, and improvement opportunities (currently being evaluated), discovered through manual review, custom tooling, and AI-assisted code analysis.

The partnership focused on Intel’s confidential computing technology, Trust Domain Extensions (TDX), which is designed to protect sensitive workloads in the cloud. TDX is a hardware-based security technology that provides confidential virtual machines, called Trust Domains (TDs), that are isolated from the hypervisor and host OS. It’s available in the fifth-generation Xeon and Xeon 6 product lines, while availability in the fourth generation is limited to custom models for cloud service providers.

“This research illustrates why Intel is committed to never stop looking for security issues in our products,” Intel said in a statement. “Customers can take confidence that it’s not just Intel working to strengthen our technology, but the ecosystem working together to enhance protection.”

The partnership dates back to 2023 and the two firms worked on TDX 1.0. However, Google noted in its own release that technology requires constant review for potential vulnerabilities. “In a perfect world, the [Trusted Computer Base] would be bug-free; in reality, the complexity of modern systems makes continuous assessment essential. Collaborative reviews allow industry leaders to proactively fix vulnerabilities while fostering transparency for everyone who relies on the technology,” Google researchers wrote.

The main problem arose when using Live Migration to move a secure instance (a TD) from one physical machine to another: the TD’s attributes could be changed from “migratable” to “debug,” the researchers said. Once triggered, the entire decrypted TD state is accessible from the host. At this point a malicious host could construct another TD with the decrypted state or perform live monitoring activities.

This vulnerability and four others found by Google’s team were patched by Intel in the most recent version of the TDX Module code for Xeon processors. TDX Module code is part of the firmware, so the fixes are delivered as part of a firmware update. In addition to the five significant fixes, Google researchers found 35 less critical code weaknesses and bugs, which are expected to be addressed in future TDX Module code updates.
