A new security vulnerability has been discovered in Intel chips. The vulnerability, which stems from a problem interpreting redundant prefixes, could lead to a complete system crash. Alerted by Google, Intel is providing fixes.
Computer security researchers at Google have discovered a flaw in Intel processors. The researchers named the flaw Reptar. Most of the company’s processors are affected, including the latest Alder Lake, Raptor Lake and Sapphire Rapids architectures.
Intel was alerted by Google researchers and confirmed the presence of a vulnerability in its processors. By exploiting it, an attacker can gain privileges, access confidential information, or cause a denial of service on the machine without the administrator’s knowledge.
A problem with redundant prefixes
At the core of the flaw is “a problem with redundant prefixes.” As Intel explains, executing “an instruction […] encoded with a redundant REX prefix” can cause “a system crash”. In some cases, the flaw opens the door for malicious operations. In such a case, the same prefixes are repeated unnecessarily, which leads to malfunctions.
“If you use a prefix that doesn’t make sense or conflicts with other prefixes, we generally call it redundant. Usually redundant prefixes are ignored,” explains Google in a blog post.
For Tavis Ormandy, the Google researcher behind Reptar’s discovery, the flaw is related to “the way redundant prefixes are interpreted by the CPU.” Ultimately, the flaw allows “the security limits of the CPU to be circumvented,” summarizes Google. It causes “very strange behavior” in the system. According to the chip manufacturer, an attacker must first use malicious code to exploit the vulnerability:
“Intel does not believe this issue occurs with real-world non-malware software. Redundant REX prefixes should not be present in code or generated by compilers. Malicious exploitation of this issue requires arbitrary code execution. Intel has recognized the potential for privilege escalation in limited scenarios.”
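To make the notion of a redundant prefix concrete, here is an added example (not code from Google, Intel or the original article) that audits the prefix bytes of a single x86-64 instruction and flags the structurally redundant ones. It assumes 64-bit mode and that the bytes start at an instruction boundary; the function name, finding labels and sample bytes are constructed for illustration, and it does not detect a correctly placed REX byte that simply has no effect on the opcode that follows.

```python
# Added example: structural audit of x86-64 instruction prefixes (64-bit mode assumed).
# At most one prefix from each legacy group is meaningful on an instruction.
LEGACY_GROUP = {
    0xF0: 1, 0xF2: 1, 0xF3: 1,                              # LOCK, REPNE, REP
    0x2E: 2, 0x36: 2, 0x3E: 2, 0x26: 2, 0x64: 2, 0x65: 2,   # segment overrides
    0x66: 3,                                                # operand-size override
    0x67: 4,                                                # address-size override
}


def audit_prefixes(insn: bytes):
    """Scan the prefixes of ONE instruction that starts at insn[0].

    Returns (opcode_offset, findings); each finding is (byte_offset, kind).
    """
    findings, seen_groups, pending_rex = [], set(), None
    i = 0
    while i < len(insn):
        b = insn[i]
        if b in LEGACY_GROUP:
            # A REX byte only counts when it sits directly before the opcode;
            # a legacy prefix after it means the REX byte is ignored.
            if pending_rex is not None:
                findings.append((pending_rex, "rex-not-before-opcode"))
                pending_rex = None
            group = LEGACY_GROUP[b]
            if group in seen_groups:
                findings.append((i, f"extra-group-{group}-prefix"))
            seen_groups.add(group)
        elif 0x40 <= b <= 0x4F:          # REX byte range in 64-bit mode
            if pending_rex is not None:
                findings.append((pending_rex, "rex-repeated"))
            pending_rex = i
        else:
            break                        # first non-prefix byte is the opcode
        i += 1
    return i, findings


# Constructed sample encodings (hex), chosen to be harmless instructions.
SAMPLES = {
    "mov rax, rbx": "4889d8",
    "nop with doubled 0x66": "666690",
    "REX before a legacy prefix": "486690",
    "two REX bytes": "404889d8",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:28} {audit_prefixes(bytes.fromhex(raw))}")
```
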
Intel rolls out patches
To protect its customers, Intel announced that it is providing a number of fixes. The company had previously provided updates for certain Alder Lake, Raptor Lake and Sapphire Rapids chips to correct the situation.
Intel recently released a patch for all other affected processors. If you are wondering whether your device is affected, you can consult the list of affected processors. Not surprisingly, Intel recommends “updating affected processors as soon as possible” to mitigate potential attacks. As always, the process promises to be lengthy and complex. Computer manufacturers have to push the patch to their devices, which can take some time.
According to Jerry Bryant, Intel’s senior director of incident management and security, Intel engineers had already identified a flaw in older processors. The company had planned to deploy a patch around March 2024. Google’s discovery urged Intel to speed things up. “This discovery changed our approach,” said the manager.
“Intel discovered this issue internally and was already preparing the ecosystem to release a workaround as part of its Intel Platform Update process. At the request of customers, […] This process typically includes a validation, integration and deployment window once Intel deems the patch to be of production quality and helps ensure remediation is available to all customers on all supported Intel platforms when the issue is published,” explains Intel in a statement to 01Net.
Reassuringly, the company adds that it is “not aware of any active attack exploiting this vulnerability.” This is not the first security flaw in Intel processors identified by Google. This summer, researchers discovered a vulnerability called “Downfall”. It allows a hacker to steal confidential information by breaking into a chip’s memory.