Update 17-11-2023: Intel provided an official statement with regard to this vulnerability, which has been added to this article.
Google security experts have found the Reptar vulnerability in Intel CPUs. The vulnerability, which could potentially cause data theft or DNS attacks, has since been patched by Intel.
Several Google security experts have discovered the CVE-2023-23583 vulnerability. The vulnerability named Reptar is a “redundant prefix” problem. When hackers execute a REP MOVSB instruction with a redundant REX prefix within an Intel processor, it can lead to unpredictable system behavior, the chip manufacturer indicates in an advisory. This behavior can then lead to a system crash or hang. It can also lead to the escalation of privileges in some scenarios.
The consequence of the latter action could potentially allow hackers to access sensitive information or launch a DNS attack.
Intel indicates that multiple processor series for desktop, server, mobile and embedded applications are affected by the vulnerability. These include processors based on the Intel Alder Lake, Raptor Lake and Sapphire Rapids micro-architectures.
Intel has since provided a patch for the vulnerability. In addition to running this patch, companies should also update their BIOS, operating system and drivers with the latest microcode from their OEM, operating system and hypervisor vendors.
Furthermore, the chip giant states that the vulnerability is not found in existing secure software or that redundant REX prefixes are present in code or generated by compilers. Abusing this vulnerability would only require running arbitrary (malicious) code.
In an official statement, Intel says: “Intel discovered this issue internally and was already preparing the ecosystem to release a mitigation through our well-documented Intel Platform Update process. At the request of customers, including OEMs and CSPs, this process typically includes a validation, integration, and deployment window after Intel deems the patch meets production quality, and helps ensure that mitigations are available to all customers on all supported Intel platforms when the issue is publicly disclosed. While Intel is not aware of any active attacks using this vulnerability, affected platforms have an available mitigation via a microcode update.”
It is not the first time this year that security experts at Google discovered a major processor vulnerability. In August, among other things, they discovered the Downfall bug in Intel processors. Also discovered in that month was the Zenbleed vulnerability that mainly affects systems with AMD Zen2 processors.