Intel 10th Gen CPUs & Above Affected By “Reptar” Vulnerability, 12th & 13th Gen CPUs Receive Microcode Mitigations
Intel's 10th Gen CPUs and above are affected by the new "Reptar" Vulnerability" but the company has quickly rolled out a mitigation for its latest chips.
The Reptar vulnerability, which is labeled as CVE-2023-23583 is perceived as a "severe risk" mainly since it has the ability to "allow escalation of privilege and/or information disclosure and/or denial of service via local access". With a CVSS score of 8.8, Reptar has the ability to manipulate ongoing software instructions, which can pose detrimental impacts with one of them being a "'Redundant Prefix Issue". In simple terms, it is when an execution of a particular instruction is interfered with a "REX prefix" which can result in unpredictable system behavior resulting in a system crash/hang.
However, the important fact to note is that this vulnerability was discovered by Google's team of security researchers months ago. According to Tavis Ormandy, the "Reptar" can cause the CPU to malfunction, and can lead to "unexpected behavior" in terms of operations. The vulnerability had a huge impact on virtual machines, which had set the security of cloud hosts and equipment at risk, and potentially put the data of thousands of individuals at stake.
We observed some very strange behavior while testing. For example, branches to unexpected locations, unconditional branches being ignored and the processor no longer accurately recording the instruction pointer in xsave or call instructions.
Oddly, when trying to understand what was happening we would see a debugger reporting impossible states!
This already seemed like it could be indicative of a serious problem, but within a few days of experimenting we found that when multiple cores were triggering the same bug, the processor would
Read more on wccftech.com
