Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs.

Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to “allow escalation of privilege and/or information disclosure and/or denial of service via local access.”

Successful exploitation of the vulnerability could also permit a bypass of the CPU’s security boundaries, according to Google Cloud, which described it as an issue stemming from how redundant prefixes are interpreted by the processor.

“The impact of this vulnerability is demonstrated when exploited by an attacker in a multi-tenant virtualized environment, as the exploit on a guest machine causes the host machine to crash resulting in a Denial of Service to other guest machines running on the same host,” Google Cloud’s Phil Venables said.

“Additionally, the vulnerability could potentially lead to information disclosure or privilege escalation.”

Security researcher Tavis Normandy, in a separate analysis of Reptar, said it can be abused to corrupt the system state and force a machine-check exception.

Intel, as part of November 2023 updates, has published updated microcode for all affected processors. The complete list of Intel CPUs impacted by CVE-2023-23583 is available here. There is no evidence of any active attacks using this vulnerability.

“Intel does not expect this issue to be encountered by any non-malicious real-world software,” the company said in a guidance issued on November 14. “Malicious exploitation of this issue requires execution of arbitrary code.”

The disclosure coincides with the release of patches for a security flaw in AMD processors called CacheWarp (CVE-2023-20592) that lets malicious actors break into AMD SEV-protected VMs to escalate privileges and gain remote code execution.

Related Posts
Clear Filters

Investigadores de ciberseguridad han descubierto una nueva variante de una botnet emergente llamada P2PInfect que es capaz de atacar routers y…

Microsoft ha advertido de una nueva ola de ataques de ransomware CACTUS que aprovechan los señuelos de publicidad maliciosa para…

Devel Group
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.