A new security vulnerability called “Reptar” is troubling cloud admins worldwide. The flaw affects various CPU types from the US manufacturer and can be exploited by attackers who have access to a virtual machine on an Intel host.
Advertisement
The error is hidden deep in the registers of modern Intel processors. These have a feature called fsrm or “fast short repeat move”, which can cause an undefined state during certain memory operations on multicore processors from the “Ice Lake” generation onwards. Intel calls this bug a “Redundant Prefix Issue” and has assigned the CVE ID CVE-2023-23583. In one Safety Bulletin The processor manufacturer rates the threat posed by the vulnerability as “high” and gives a CVSSv3 score of 8.8/10.
Tavis Ormandy, prominent security researcher at Google, was involved in analyzing the vulnerability and emphasizes the high risk for cloud providers. His detailed report (which contains traces of assembler), an attacker can trigger the processor bug from a guest VM. A virtual machine rented from an infrastructure provider such as Google Cloud can therefore provoke errors that can lead to the failure of individual processor cores or the entire host system (“Machine Check Exception”). Ormandy provides interested admins with the source code for a test program free House.
Ormandy recommends that every cloud provider patch their own machines quickly. While Intel already has microcode updates and a detailed list of all affected processors has provided, update packages from the major Linux distributions are still a long time coming. Citrix alone has already reacted and created one Bug fix hotfix for the Citrix Hypervisor (formerly Xen).
Security gaps in CPUs have occurred more frequently this year. This is stated by Phil Venables, CISO of the Google cloud division, in his Blog article about “Reptar”. In August, researchers at the search engine giant discovered and published the “Downfall” security vulnerability on Intel CPUs and “Zenbleed,” which affected AMD processors. Just a few days ago, the CISPA Helmholtz Center for Information Security also presented a vulnerability in AMD CPUs known as “CacheWarp” to the public.
(cku)