Intel Fixes Critical Vulnerability Affecting All Processors – CVE-2023-23583
Intel has released a microcode update addressing a flaw in mobile, desktop, and server central processors that, if maliciously exploited, could lead to system crashes. This vulnerability, named Reptar with the identifier CVE-2023-23583, impacts nearly all modern Intel processors, posing a severe threat to cloud systems. The exploit could be triggered in a multi-user virtualized environment, causing the host machine to crash abruptly, affecting other virtual machines. Additionally, it might provide unauthorized access to confidential information or privilege escalation.
Discovered by Tavis Ormandy, a cybersecurity expert at Google, Reptar induces processors into an “unpredictable state where normal rules do not apply.” Consequently, affected processors exhibit erratic behavior, causing system crashes even when the code exploiting the vulnerability runs under a guest account on a virtual machine. Most cloud cybersecurity models consider this environment secure from such crashes. Researchers also do not rule out the potential for user privilege escalation.
In August, Ormandy found that the REX prefix used in 64-bit code generated “unexpected results” on Intel processors supporting the Fast Short Repeat Move (FSRM) function. FSRM was introduced with the Ice Lake architecture to alleviate bottlenecks in microcode. The processor’s behavior became unpredictable, leading to unexpected jumps, disregarded unconditional jumps, and imprecise recording of pointers in xsave or call instructions. Debugging efforts revealed messages about impossible states. The failure was reproducible even on non-privileged guest accounts on virtual machines, classifying it as a security issue jeopardizing cloud providers’ operations.
Google engineers reported the discovery to Intel, which was already aware of the “functional issue” on old central processor platforms. Initially rated 5 out of 10, indicating a “functional error,” the severity increased to 8.8 after Intel security experts found a privilege escalation vector. The issue’s resolution was postponed to November 2023, from the initially scheduled fix in March 2024. According to standard disclosure policies, the 90-day period from the manufacturer’s notification expired on November 14.
Ormandy emphasized that he lacks reliable information on exploiting the vulnerability for privilege escalation. However, the flaw’s potential to crash the hypervisor running the virtual machine is critical for cloud providers. Intel categorized the affected products into those with already resolved issues and those requiring a microcode update. The update does not imply an immediate fix; device and motherboard manufacturers must still implement it. Although the likelihood of Reptar occurring on personal machines is deemed low, installing the update is recommended if available.
- I'm Vasyl Kolomiiets, a seasoned tech journalist regularly contributing to global publications. Having a profound background in information technologies, I seamlessly blended my technical expertise with my passion for writing, venturing into technology journalism. I've covered a wide range of topics including cutting-edge developments and their impacts on society, contributing to leading tech platforms.
- Troubleshooting15/11/2023Intel Fixes Critical Vulnerability Affecting All Processors – CVE-2023-23583
- Business15/11/2023Google Pays $8 Billion to Samsung for Default ‘Play Market’ and Search in Galaxy Devices
- Technology04/11/2023North Korea Upgrades Mobile Networks with Huawei Equipment Imports
- Technology03/11/2023Chinese Scientists Invent Passive Saltwater Cooler, Boosts CPU Speed by a Third