Intel has recently fixed a critical CPU vulnerability (CVE-2023-23583) affecting a range of its modern processors, spanning desktop, server, mobile, and embedded CPUs. This vulnerability, known as the ‘Redundant Prefix Issue,’ has the potential for exploitation by attackers to escalate privileges, access sensitive information, or trigger a denial-of-service state.
While Intel doesn’t anticipate real-world software encountering the issue, it could be exploited with the execution of arbitrary code. The vulnerability has been addressed through microcode updates, with affected systems receiving updated microcodes before November 2023, and users are advised to update their BIOS, system OS, and drivers to receive the latest microcode.
Intel identified the issue under specific microarchitectural conditions, where the execution of an instruction (REP MOVSB) with a redundant REX prefix might result in unpredictable system behavior, leading to a system crash or hang.
In limited scenarios, it could allow privilege escalation from CPL3 to CPL0. The affected processors, including those in Alder Lake, Raptor Lake, and Sapphire Rapids, have received updated microcodes, and Intel reported no observed performance impact or expected issues. Additionally, Google researcher Tavis Ormandy independently discovered the vulnerability, termed ‘Reptar,’ highlighting its unusual behavior related to how redundant prefixes are interpreted by the CPU.
Intel recommends users update their affected processors to the specified microcode version to mitigate the redundant prefix issue. Operating system vendors (OSVs) may also provide updates containing the new microcode. The flaw has brought attention to the critical role of timely updates and security patches in addressing vulnerabilities, emphasizing the need for users to stay informed about their system’s security and apply updates promptly to safeguard against potential exploits.