Headline
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to “allow escalation of privilege and/or information disclosure and/or denial of service via local access.” Successful exploitation of the vulnerability could also permit a bypass of the CPU’s
Vulnerability / Hardware Security
Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs.
Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to “allow escalation of privilege and/or information disclosure and/or denial of service via local access.”
Successful exploitation of the vulnerability could also permit a bypass of the CPU’s security boundaries, according to Google Cloud, describing it as an issue stemming from how redundant prefixes are interpreted by the processor.
“The impact of this vulnerability is demonstrated when exploited by an attacker in a multi-tenant virtualized environment, as the exploit on a guest machine causes the host machine to crash resulting in a Denial of Service to other guest machines running on the same host,” Google Cloud’s Phil Venables said.
“Additionally, the vulnerability could potentially lead to information disclosure or privilege escalation.”
Security researcher Tavis Normandy, in a separate analysis of Reptar, said it can be abused to corrupt the system state and force a machine-check exception.
Intel, as part of November 2023 updates, has published updated microcode for all affected processors. The complete list of Intel CPUs impacted by CVE-2023-23583 is available here. There is no evidence of any active attacks using this vulnerability.
“Intel does not expect this issue to be encountered by any non-malicious real-world software,” the company said in a guidance issued on November 14. “Malicious exploitation of this issue requires execution of arbitrary code.”
The disclosure coincides with the release of patches for a security flaw in AMD processors called CacheWarp (CVE-2023-20592) that lets malicious actors break into AMD SEV-protected VMs to escalate privileges and gain remote code execution.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Related news
Red Hat Security Advisory 2024-4575-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Security Advisory 2024-0753-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.
Debian Linux Security Advisory 5563-1 - Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, avis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel processors mishandle repeated sequences of instructions leading to unexpected behavior, which may result in privilege escalation, information disclosure or denial of service.
By Deeba Ahmed Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments. This is a post from HackRead.com Read the original post: Google Reveals ‘Reptar’ Vulnerability Threatening Intel Processors
Ubuntu Security Notice 6485-1 - Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel Processors did not properly handle certain sequences of processor instructions. A local attacker could possibly use this to cause a core hang , gain access to sensitive information or possibly escalate their privileges.
YouTube’s new rules may not be around for long anyway, because they might run afoul of European Union regulations
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.
A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security. It