New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation


Exploitation of a newly disclosed vulnerability affecting some Intel processors could lead to a crash and possibly to privilege escalation and information disclosure.

Tracked as Reptar and CVE-2023-23583, this high-severity flaw can be leveraged by an attacker who already has access to the targeted system. 

The vulnerability has been found to affect CPUs designed by Intel for desktop, mobile and server devices, including 10th and 11th Gen Core, 3rd Gen Xeon, and Xeon D. The chip giant has started releasing microcode updates that patch the issue.

“End users do not have to take any special actions to apply these mitigations other than ensuring that their BIOS, system OS, and drivers are up to date,” Intel said.

The company has credited its own employees as well as several Google employees for independently identifying the vulnerability. 

The name Reptar was given to the security bug by Google, which on Tuesday made public technical details. 

Google noted that the issue is related to the way redundant prefixes are interpreted by Intel processors, allowing for a security bypass. 

“Prefixes allow you to change how instructions behave by enabling or disabling features. The full rules are complicated, but in general, if you use a prefix that doesn’t make sense or conflicts with other prefixes, we call those redundant. Usually, redundant prefixes are ignored,” Phil Venables, VP and CISO at Google Cloud, explained in a blog post.

Advertisement. Scroll to continue reading.

“The impact of this vulnerability is demonstrated when exploited by an attacker in a multi-tenant virtualized environment, as the exploit on a guest machine causes the host machine to crash resulting in a Denial of Service to other guest machines running on the same host. Additionally, the vulnerability could potentially lead to information disclosure or privilege escalation,” Venables added.

This is not the only Intel CPU vulnerability discovered and disclosed recently by Google. In August, the internet giant revealed that Intel processors are affected by a flaw named Downfall, which can be exploited by a local attacker to obtain sensitive information, such as passwords and encryption keys. 

Intel published an additional 30 new security advisories on Tuesday to inform customers about vulnerabilities affecting various products. 

Also on Tuesday, researchers disclosed CacheWarp, a new vulnerability affecting AMD processors. CacheWarp can pose a risk to virtual machines (VMs), potentially allowing attackers to hijack control flow, break into an encrypted VM, and escalate privileges. 

Related: Companies Respond to ‘Downfall’ Intel CPU Vulnerability 

Related: AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information

Related: Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulnerabilities



Source link