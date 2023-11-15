Intel has recently announced the discovery of a high-severity vulnerability, codenamed Reptar, which affects its desktop, mobile, and server CPUs. This flaw, tracked as CVE-2023-23583, has the potential to enable attackers to escalate privilege, disclose information, and launch denial-of-service attacks through local access.

According to Google Cloud, the issue arises from how the processor interprets redundant prefixes, potentially allowing bypass of the CPU’s security boundaries. In a multi-tenant virtualized environment, an attacker exploiting this vulnerability on a guest machine could cause the host machine to crash, resulting in a Denial of Service to other guest machines running on the same host.

Furthermore, security researcher Tavis Normandy has identified that Reptar can be leveraged to corrupt the system state and trigger a machine-check exception, further compromising the affected systems.