Exploitation of a newly disclosed vulnerability affecting some Intel processors could lead to a crash and possibly to privilege escalation and information disclosure.
Tracked as Reptar and CVE-2023-23583, this high-severity flaw can be leveraged by an attacker who already has access to the targeted system.
The vulnerability has been found to affect CPUs designed by Intel for desktop, mobile and server devices, including 10th and 11th Gen Core, 3rd Gen Xeon, and Xeon D. The chip giant has started releasing microcode updates that patch the issue.
“End users do not have to take any special actions to apply these mitigations other than ensuring that their BIOS, system OS, and drivers are up to date,” Intel said.
The company has credited its own employees as well as several Google employees for independently identifying the vulnerability.
The name Reptar was given to the security bug by Google, which on Tuesday made public technical details.
Google noted that the issue is related to the way redundant prefixes are interpreted by Intel processors, allowing for a security bypass.
“Prefixes allow you to change how instructions behave by enabling or disabling features. The full rules are complicated, but in general, if you use a prefix that doesn’t make sense or conflicts with other prefixes, we call those redundant. Usually, redundant prefixes are ignored,” Phil Venables, VP and CISO at Google Cloud, explained in a blog post.
“The impact of this vulnerability is demonstrated when exploited by an attacker in a multi-tenant virtualized environment, as the exploit on a guest machine causes the host machine to crash resulting in a Denial of Service to other guest machines running on the same host. Additionally, the vulnerability could potentially lead to information disclosure or privilege escalation,” Venables added.
This is not the only Intel CPU vulnerability discovered and disclosed recently by Google. In August, the internet giant revealed that Intel processors are affected by a flaw named Downfall, which can be exploited by a local attacker to obtain sensitive information, such as passwords and encryption keys.
Intel published an additional 30 new security advisories on Tuesday to inform customers about vulnerabilities affecting various products.
Also on Tuesday, researchers disclosed CacheWarp, a new vulnerability affecting AMD processors. CacheWarp can pose a risk to virtual machines (VMs), potentially allowing attackers to hijack control flow, break into an encrypted VM, and escalate privileges.
UPDATE: Intel has provided the following statement to SecurityWeek:
“Intel discovered this issue internally and was already preparing the ecosystem to release a mitigation through our well-documented Intel Platform Update process. At the request of customers, including OEMs and CSPs, this process typically includes a validation, integration, and deployment window after Intel deems the patch meets production quality, and helps ensure that mitigations are available to all customers on all supported Intel platforms when the issue is publicly disclosed. While Intel is not aware of any active attacks using this vulnerability, affected platforms have an available mitigation via a microcode update.”