New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation

New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation

November 15, 2023 at 05:09AM

A vulnerability affecting certain Intel processors, tracked as Reptar and CVE-2023-23583, has been discovered. It could result in a crash, privilege escalation, and information disclosure. Intel has released microcode updates to address the issue, and users are advised to ensure their BIOS, system OS, and drivers are up to date. The vulnerability is related to redundant prefixes in Intel processors. Google employees and Intel’s own employees have been credited with identifying the vulnerability. In August, Google disclosed another Intel CPU vulnerability named Downfall. Intel has published 30 security advisories for various vulnerabilities, and researchers have disclosed a new vulnerability affecting AMD processors called CacheWarp.

Key takeaways from the meeting notes:

1. A newly disclosed vulnerability affecting some Intel processors has been identified. It could lead to a crash and potentially allow privilege escalation and information disclosure.

2. The vulnerability, named Reptar and tracked as CVE-2023-23583, can be exploited by attackers who already have access to the targeted system.

3. The vulnerability affects Intel CPUs designed for desktop, mobile, and server devices, including 10th and 11th Gen Core, 3rd Gen Xeon, and Xeon D. Intel has started releasing microcode updates to patch the issue.

4. End users need to ensure that their BIOS, system OS, and drivers are up to date to apply the mitigations.

5. The vulnerability was independently identified by Intel employees and several Google employees, who named it Reptar.

6. Google disclosed technical details of the vulnerability, stating it is related to the interpretation of redundant prefixes by Intel processors, allowing for a security bypass.

7. The impact of the vulnerability is demonstrated in a multi-tenant virtualized environment, where exploitation on a guest machine can crash the host machine and lead to a Denial of Service for other guest machines on the same host. It could also result in information disclosure or privilege escalation.

8. This is not the only recent Intel CPU vulnerability disclosed by Google. In August, another flaw named Downfall was revealed, allowing a local attacker to obtain sensitive information.

9. Intel published 30 new security advisories on Tuesday to inform customers about vulnerabilities affecting various products.

10. Researchers also disclosed a new vulnerability called CacheWarp, affecting AMD processors. It poses a risk to virtual machines, potentially allowing attackers to hijack control flow, break into an encrypted VM, and escalate privileges.

Full Article