The CPU manufacturer Intel recently released microcode updates to address a security vulnerability registered as CVE-2023-23583, which has been classified as highly severe. This vulnerability affects various desktop, server, and mobile processors and could potentially allow authenticated attackers with local access to escalate their privileges, steal information, and execute DoS attacks.
The security flaw, referred to by Intel as the “Redundant Prefix Issue,” specifically pertains to the execution of an instruction (REP MOVSB) that, under certain microarchitectural conditions, could lead to unpredictable system behavior. This could result in system crashes and, in some cases, privilege escalation.
Although Intel rates the problem as serious, with a severity score of 8.8 out of 10, the company does not anticipate it occurring in practice with non-malicious software. Nevertheless, updated microcodes have already been released for some affected CPUs, including Alder Lake, Raptor Lake, and Sapphire Rapids, prior to November 2023. Motherboard manufacturers are expected to provide BIOS updates for affected CPUs.
The vulnerability was independently discovered by several Google security researchers and given the name “Reptar.” According to Google Cloud CISO Phil Venables, the issue stems from how redundant prefixes are interpreted by the CPU. The impact can be significant, particularly in virtualized environments, where an attack on a guest computer could lead to the host computer crashing, resulting in denial of service for other guest computers, as well as privilege escalation and data theft.