CVE-2023-23583: Intel Addresses High-Severity CPU Vulnerability
Intel has addressed a high-severity vulnerability affecting its modern desktop, server, mobile, and embedded CPUs, including the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures. The vulnerability tracked as CVE-2023-23583 and assigned a CVSS score of 8.8, could allow attackers with local access to escalate privileges, gain access to sensitive information, or trigger a denial-of-service (DoS) condition.
The vulnerability stems from a flaw in the way Intel CPUs interpret redundant instruction prefixes. Attackers can exploit this flaw to bypass security boundaries and execute arbitrary code on affected systems. This could allow them to take control of the system, steal sensitive data, or disrupt operations.
The vulnerability affects a wide range of Intel CPUs, including:
- Alder Lake
- Raptor Lake
- Sapphire Rapids
- Ice Lake
- Tiger Lake
- Rocket Lake
- Comet Lake
- Kaby Lake
- Skylake
- Broadwell
- Haswell
Intel has released microcode updates to address the vulnerability. Users are advised to update their BIOS, system OS, and drivers to receive the latest microcode from their original equipment manufacturer (OEM), operating system vendor (OSV), and hypervisor vendors.
What makes this case particularly interesting is the dual discovery of the vulnerability. Intel’s researchers uncovered “Redundant Prefix” while reviewing upcoming functional errata. In a parallel development, a Google researcher independently identified the same denial of service flaw.
Google, referring to the vulnerability as Reptar (CVE-2023-23583), elaborated that the issue arises from how redundant instruction prefixes are interpreted by the CPU. This misinterpretation could potentially allow security boundaries to be bypassed. Google has also published a detailed report on the vulnerability, which provides additional information on the technical details and potential impact.
The Reptar vulnerability is a serious security issue that could be exploited by attackers to gain unauthorized access to affected systems. Users need to apply the available patches as soon as possible to mitigate the risk of exploitation.
