Google researchers have discovered and responsibly disclosed to Intel a new vulnerability called “Reptar.” Reptar (CVE-2023-23583) affects Intel desktop, mobile, and server CPUs. Intel has since released mitigations to protect users with a firmware update. Without remediation, the vulnerability would allow an attacker to perform privilege escalation, data exfiltration, and denial of service attacks.
How does Reptar work?
According to Google researchers, the vulnerability is “related to how redundant prefixes are interpreted by the CPU which leads to bypassing the CPU’s security boundaries if exploited successfully.”
Prefixes allow you to change how instructions behave by enabling or disabling features.
“The full rules are complicated, but generally, if you use a prefix that doesn’t make sense or conflicts with other prefixes, we call those redundant. Usually, redundant prefixes are ignored,” Phil Venables, VP and CISO at Google Cloud explained.
How to Remediate the Intel Reptar Vulnerability
Intel has released mitigations to protect users from Reptar. These mitigations include firmware updates and microcode updates. Users should install these mitigations as soon as possible to protect themselves from the vulnerability.
Affected Intel processors include 10th and 11th Gen Core, 3rd Gen Xeon, and Xeon D. A full list of affected Intel processors and the applicable firmware updates are available on the Intel website.
