CVE-2025-35979
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (none) and availability (none) impacts.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2025-35979?
CVE-2025-35979 has been assessed as a high severity vulnerability due to its potential to allow information disclosure.
How do I fix CVE-2025-35979?
Fixes for CVE-2025-35979 involve applying the latest firmware and software updates provided by Intel for affected processors.
What types of systems are affected by CVE-2025-35979?
CVE-2025-35979 affects Intel processors that utilize VMX non-root (guest) operation.
Who can exploit CVE-2025-35979?
An unprivileged software adversary with authenticated user privileges can potentially exploit CVE-2025-35979 to access sensitive information.
What data could be exposed due to CVE-2025-35979?
CVE-2025-35979 may allow unauthorized access to sensitive information processed within virtual machines on affected Intel processors.