A flaw was found in the implementation of SGX around the access control of protected memory. A local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code is able to infer the contents of the SGX protected memory.
Red Hat thanks Intel for reporting this issue and collaborating on the mitigations.
Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/2019-microcode-nov
As of this time there are no known mitigations. Please install relevant updated packages to address this flaw.
Created microcode_ctl tracking bugs for this issue:
Affects: fedora-all [bug 1771648]