Intel recently released a critical security fix for a newly discovered vulnerability affecting its CPUs. Dubbed “Reptar,” the vulnerability affects most modern Intel chips and has attracted attention from numerous security researchers. Given its severity, vulnerable systems should be patched immediately.
New Reptar Vulnerability Risks Intel CPUs
The tech giant found a privilege escalation vulnerability in its CPUs that could allow an authenticated adversary to access sensitive information or trigger a system crash. Describing the issue in its advisory, Intel stated:
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.
This vulnerability (CVE-2023-23583), identified as “Reptar,” received a high-severity rating with a CVSS score of 8.8.
While this might look like a routine vulnerability disclosure, its significance is underlined by the fact that it also caught the attention of Google researchers.
According to a recent post, Google researcher Tavis Ormandy and other researchers from the Google Project Zero Team also discovered this vulnerability independently. What caught their attention was the peculiarity of the flaw’s behavior.
We observed some very strange behavior while testing. For example, branches to unexpected locations, unconditional branches being ignored and the processor no longer accurately recording the instruction pointer in
Oddly, when trying to understand what was happening we would see a debugger reporting impossible states!
Ormandy’s post presents a detailed analysis of the vulnerability. Following this discovery, Google researchers also contacted Intel to report the matter. Intel also acknowledged their bug report in its advisory.
Patches Being Released For The Users
To patch this flaw, Intel released a microcode update that vendors have started rolling out to their customers. For instance, NetApp and Citrix have recently released updates for their users to address this vulnerability. All users should update their computers, mobile devices, and servers with the latest system and BIOS updates to receive the patch.
Besides, for systems where an immediate patch isn’t possible, Ormandy recommended disabling “fast strings via the IA32_MISC_ENABLE model specific register.” However, the researcher warned that this mitigation may cause a “significant performance penalty” and so shouldn’t be applied unless unavoidable.
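Whether that mitigation is actually in effect can be audited on each logical CPU. The following is an added example, not code from Ormandy's post or Intel's advisory. It assumes a Linux host with the msr driver loaded and root access, and takes the IA32_MISC_ENABLE address (0x1A0) and the Fast-Strings Enable bit (bit 0) from the Intel SDM; the function names and sample values are constructed for illustration.

```python
import glob
import os
import struct

IA32_MISC_ENABLE = 0x1A0       # MSR address, per the Intel SDM
FAST_STRINGS_ENABLE = 1 << 0   # bit 0 = Fast-Strings Enable, per the Intel SDM

# Constructed sample: per-CPU register values; CPUs 2 and 3 have bit 0 cleared.
SAMPLE = {0: 0x850089, 1: 0x850089, 2: 0x850088, 3: 0x850088}


def fast_strings_enabled(msr_value):
    """True if the fast-strings bit is still set in an IA32_MISC_ENABLE value."""
    return bool(msr_value & FAST_STRINGS_ENABLE)


def read_all_cpus(pattern="/dev/cpu/[0-9]*/msr"):
    """Read IA32_MISC_ENABLE on every logical CPU via the Linux msr driver."""
    values = {}
    for path in glob.glob(pattern):
        fd = os.open(path, os.O_RDONLY)   # needs root and `modprobe msr`
        try:
            raw = os.pread(fd, 8, IA32_MISC_ENABLE)  # file offset = MSR address
        finally:
            os.close(fd)
        values[int(path.split("/")[3])] = struct.unpack("<Q", raw)[0]
    return values


def audit(values):
    """Classify the mitigation state; each logical CPU is checked separately."""
    exposed = sorted(cpu for cpu, v in values.items() if fast_strings_enabled(v))
    if not values:
        state = "unknown"          # nothing could be read; do not assume safe
    elif not exposed:
        state = "mitigated"
    elif len(exposed) == len(values):
        state = "not mitigated"
    else:
        state = "inconsistent"     # bit cleared on some CPUs only
    return {"state": state, "fast_strings_on": exposed}


if __name__ == "__main__":
    try:
        live = read_all_cpus()
    except OSError:
        live = {}
    print(audit(live or SAMPLE))   # falls back to the constructed sample
```

An "inconsistent" result means the bit was cleared on only some logical CPUs, so the mitigation does not yet cover the whole machine.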