CVE-2025-29829

Trusted Runtime Interface Driver — information disclosure via uninitialized resource

Summary

Field	Value
Driver	Trusted Runtime Interface Driver
Vulnerability Class	Information Disclosure (Uninitialized Memory)
CVSS	5.5
Exploited ITW	No
Patch Date	April 8, 2025

Root Cause

The Trusted Runtime Interface Driver returns memory to user-mode callers without initializing it first. Uninitialized kernel memory contents leak to user mode.

Exploitation

The attacker queries the trusted runtime interface. Uninitialized memory is returned, leaking kernel addresses useful for KASLR bypass.

Exploitation Primitive

Trusted runtime query → uninitialized memory returned
  → kernel address leak → KASLR bypass

References

MSRC Advisory