PCIe IDE Flaws Threaten Data Integrity in PCIe 5.0+

December 10, 2025 at 12:00 AM

Three newly disclosed vulnerabilities in the PCIe Integrity and Data Encryption (IDE) protocol could let a local attacker cause devices to process stale or incorrect data. The issues affect PCIe Base Specification 5.0 and newer via the IDE Engineering Change Notice (ECN) and can undermine confidentiality, integrity, and availability.

What’s impacted and why it matters

  • PCIe is the high-speed interconnect used for GPUs, NICs, storage, and more. IDE, introduced with PCIe 6.0, adds encryption and integrity protections.
  • Successful exploitation requires physical or low-level access to the PCIe IDE interface, so the overall severity is low. However, attacks can still breach isolation between trusted execution environments, including deployments using TDISP.
  • Reported by Intel researchers Arie Aharon, Makaram Raghunandan, Scott Constable, and Shalini Sharma.

The three IDE vulnerabilities

  • CVE-2025-9612 (Forbidden IDE Reordering): Missing integrity checks at the receiver may allow traffic reordering, leading to stale data being processed.
  • CVE-2025-9613 (Completion Timeout Redirection): Incompletely flushed completion timeouts may let an attacker inject a packet with a matching tag so the receiver accepts incorrect data.
  • CVE-2025-9614 (Delayed Posted Redirection): Incomplete stream flushing or re-keying may cause receivers to consume stale, incorrect packets.

Severity and exposure

  • Exploitation can enable information disclosure, privilege escalation, or denial of service.
  • Low severity due to access requirements (CVSS v3.1: 3.0; CVSS v4: 1.8), but with potential to compromise IDE and TDISP security goals.

Affected vendors and products

  • Intel: Xeon 6 Processors with P-cores; Xeon 6700P-B/6500P-B series SoC with P-cores
  • AMD: EPYC 9005 Series; EPYC Embedded 9005 Series

Mitigation guidance

  • Manufacturers: Follow the updated PCIe 6.0 standard and apply Erratum #1 to IDE implementations, as urged by CERT/CC.
  • End users and admins: Apply firmware and platform updates from your system or component suppliers, especially where IDE protects sensitive data.

Bottom line

If your environment relies on PCIe IDE, treat these as integrity risks that can manifest under local or physical attack conditions. Prioritize vendor firmware updates and confirm IDE stream flushing and re-keying behavior aligns with the latest PCIe 6.0 Erratum #1 guidance.
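
To scope those updates, it helps to know which PCIe functions advertise IDE at all. The following is an added example, not code from the source article or any vendor: it walks the PCIe extended capability list in a function's config space and looks for the IDE Extended Capability (ID 0x0030). The Linux sysfs path and the constructed sample config bytes are assumptions, and a hit only shows the function supports IDE, not that a stream is enabled or that its firmware is fixed.

```python
import glob
import struct

PCI_EXT_CAP_START = 0x100    # extended capabilities start after legacy config space
PCI_EXT_CAP_ID_IDE = 0x0030  # Integrity and Data Encryption extended capability ID


def find_ext_cap(config: bytes, cap_id: int):
    """Return (offset, version) of an extended capability, or None if absent."""
    offset, seen = PCI_EXT_CAP_START, set()
    while offset and offset not in seen:
        # A short read (non-root sysfs access) or a bad pointer ends the walk.
        if offset < PCI_EXT_CAP_START or offset & 3 or offset + 4 > len(config):
            return None
        seen.add(offset)  # guards against a looping capability list
        (header,) = struct.unpack_from("<I", config, offset)
        if header in (0, 0xFFFFFFFF):
            return None
        if header & 0xFFFF == cap_id:          # bits 15:0 capability ID
            return offset, (header >> 16) & 0xF  # bits 19:16 version
        offset = (header >> 20) & 0xFFC        # bits 31:20 next pointer
    return None


def ide_capable_devices(pattern="/sys/bus/pci/devices/*/config"):
    """Map PCI address -> (offset, version) for functions advertising IDE."""
    found = {}
    for path in sorted(glob.glob(pattern)):  # assumed Linux sysfs layout
        try:
            with open(path, "rb") as fh:
                config = fh.read(4096)  # full 4 KiB needs root
        except OSError:
            continue
        hit = find_ext_cap(config, PCI_EXT_CAP_ID_IDE)
        if hit:
            found[path.split("/")[-2]] = hit
    return found


def sample_config() -> bytes:
    """Constructed config space: AER at 0x100 chained to IDE at 0x148."""
    cfg = bytearray(4096)
    struct.pack_into("<I", cfg, 0x100, (0x148 << 20) | (2 << 16) | 0x0001)
    struct.pack_into("<I", cfg, 0x148, (0x000 << 20) | (1 << 16) | 0x0030)
    return bytes(cfg)


if __name__ == "__main__":
    print("sample:", find_ext_cap(sample_config(), PCI_EXT_CAP_ID_IDE))
    for addr, (off, ver) in ide_capable_devices().items():
        print(f"{addr}: IDE capability v{ver} at 0x{off:03x}")
```

Run it as root on the host so the full 4 KiB of config space is readable, then match the listed functions against vendor advisories.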

Source: The Hacker News
