Summary: A recent study by researchers from IIT Kharagpur and Intel Corporation has revealed a vulnerability in Intel’s Trust Domain Extensions (TDX) that compromises the isolation between Trust Domains and the Virtual Machine Manager (VMM). The vulnerability allows attackers to exploit performance counters to glean sensitive information and computational patterns from TDX. This highlights the urgent need for improved safeguards in TDX architecture to prevent side-channel attacks.
Affected: Intel Corporation (Intel TDX)
Keypoints :
- TDX’s isolation is compromised due to resource contention, allowing for information leakage through performance counters.
- Attackers can use performance monitoring tools to distinguish between idle and active states of TDs, facilitating fingerprinting and class leakage attacks.
- The findings emphasize the need for immediate enhancements to TDX’s architecture to mitigate serious side-channel risks.