oss-sec mailing list archives
CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar)
From: Antonio Gomez Iglesias <antonio.gomez.iglesias () intel com>
Date: Tue, 14 Nov 2023 10:31:51 -0800
Name of the issue: Redundant Prefix Issue Description of the issue Under certain microarchitectural conditions, Intel has identified cases where execution of an instruction (REP MOVSB) encoded with a redundant REX prefix may result in unpredictable system behavior resulting in a system crash/hang, or, in some limited scenarios, may allow escalation of privilege from CPL3 to CPL0. This Redundant Prefix Issue is assigned CVE-2023-23583 with a CVSS Base Score of 8.8 High CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. Mitigation Intel is providing a microcode update to mitigate this issue: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20231114
Current thread:
- CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Antonio Gomez Iglesias (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Demi Marie Obenour (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Solar Designer (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Solar Designer (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) HW42 (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Antonio Gomez Iglesias (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) HW42 (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Demi Marie Obenour (Nov 14)