Intel has addressed a high-severity CPU vulnerability, dubbed Reptar and tracked as CVE-2023-23583, impacting a range of its modern processors, including the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures.

The flaw, described as a ‘Redundant Prefix Issue,’ could potentially allow attackers to escalate privileges, gain access to sensitive information, or induce a denial of service state, posing significant risks, especially for cloud providers.

The vulnerability arises under specific microarchitectural conditions when executing an instruction (REP MOVSB) encoded with a redundant REX prefix. In certain scenarios, this could lead to unpredictable system behavior, resulting in a system crash or hang. More critically, in limited instances, there’s a possibility of privilege escalation from CPL3 to CPL0.

Intel, while emphasizing that real-world non-malicious software is not expected to encounter this issue, recommends immediate mitigation measures. The company has already released updated microcode for affected systems, including those with Alder Lake, Raptor Lake, and Sapphire Rapids, with no observed performance impact.

How Google found and responded to Reptar

A Google security researcher identified a vulnerability in how the CPU interprets redundant prefixes, which, if exploited successfully, leads to bypassing the CPU’s security boundaries. Prefixes change how instructions behave by enabling or disabling features. The full rules are complicated, but in general, a prefix that doesn’t make sense or conflicts with other prefixes is called redundant. Usually, redundant prefixes are ignored.

The impact of this vulnerability is demonstrated when it is exploited in a multi-tenant virtualized environment: the exploit on a guest machine causes the host machine to crash, resulting in a denial of service to other guest machines running on the same host. Additionally, the vulnerability could potentially lead to information disclosure or privilege escalation.

Recommendation

Users with affected processors are advised to update to the latest microcode promptly. Intel has provided a comprehensive list of affected CPUs and mitigation guidance. Beyond microcode updates, users are urged to update their BIOS, system OS, and drivers through their original equipment manufacturer (OEM), operating system vendor (OSV), and hypervisor vendors to ensure comprehensive protection against potential exploits.
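
One way to confirm that a microcode update actually took effect on a Linux host is to compare the revision each logical CPU reports in /proc/cpuinfo against the minimum fixed revision for that CPU signature. The following is an added example, not part of the original article or Intel's guidance; the sample cpuinfo text is constructed and the baseline revision is a placeholder that must be replaced with the values from Intel's advisory.

```python
import re

# Constructed sample of /proc/cpuinfo (two logical CPUs), not from a real host.
# CPU 1 reports an older revision, as can happen when a late load partly fails.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 151
stepping\t: 2
microcode\t: 0x2c

processor\t: 1
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 151
stepping\t: 2
microcode\t: 0x2a
"""

# PLACEHOLDER baseline, invented for this demo:
# (family, model, stepping) -> minimum fixed microcode revision.
# Fill in the real values from Intel's list of affected CPUs.
PLACEHOLDER_MIN_FIXED = {(6, 151, 2): 0x2C}

def parse_cpuinfo(text):
    """Return one dict per Intel logical CPU: id, signature, microcode revision."""
    cpus = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = (line.split(":", 1) for line in block.splitlines() if ":" in line)
        f = {k.strip(): v.strip() for k, v in pairs}
        if f.get("vendor_id") != "GenuineIntel":
            continue
        sig = (int(f["cpu family"]), int(f["model"]), int(f["stepping"]))
        cpus.append({"cpu": int(f["processor"]), "sig": sig,
                     "rev": int(f["microcode"], 16)})
    return cpus

def audit(text, baseline):
    """Map each logical CPU to 'ok', 'outdated', or 'unknown' (not in baseline)."""
    result = {}
    for c in parse_cpuinfo(text):
        need = baseline.get(c["sig"])
        result[c["cpu"]] = ("unknown" if need is None
                            else "ok" if c["rev"] >= need else "outdated")
    return result

if __name__ == "__main__":
    for cpu, status in audit(SAMPLE_CPUINFO, PLACEHOLDER_MIN_FIXED).items():
        print(f"cpu{cpu}: {status}")
```

On a real host, pass the contents of /proc/cpuinfo instead of the sample; any CPU reported as "outdated" or "unknown" needs follow-up against the vendor's list.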