The latest security information on Intel® products.

Summary: 

Potential security vulnerabilities for some Intel® Platforms with Intel® QuickAssist Technology (Intel® QAT) may allow escalation of privilege or denial of service. Intel is releasing microcode updates and prescriptive guidance to address these potential vulnerabilities.

Vulnerability Details: 

CVEID:  CVE-2025-35998

Description: Missing protection mechanism for alternate hardware interface in the Intel® Quick Assist Technology for some Intel® Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

CVSS Base Score 4.0: 7.0 High

CVSS Vector 4.0:  CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

CVSS Base Score 3.1: 7.9 High

CVSS Vector 3.1:  CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVEID:  CVE-2025-30508

Description: Improper authorization in the Intel® Quick Assist Technology for some Intel® Platforms within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

CVSS Base Score 4.0: 6.8 Medium

CVSS Vector 4.0:  CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CVSS Base Score 3.1: 6.5 Medium

CVSS Vector 3.1:  CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products:

Recommendation:

For the CVE-2025-35998, Intel recommends that users of Intel® Xeon® 6 with E-cores microcode update to the latest version provided by the system manufacturer that addresses this issue. 

For the CVE-2025-30508, Intel recommends users follow existing security best practices and alternate security controls, including:  All guest operating systems or other applications using Intel® QAT must be trusted, and/or other steps must be taken to ensure that an untrusted application or guest cannot submit incorrectly formatted requests.

Acknowledgements:

These issues were found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.