oss-sec mailing list archives
Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar)
From: Demi Marie Obenour <demi () invisiblethingslab com>
Date: Tue, 14 Nov 2023 13:58:21 -0500
On Tue, Nov 14, 2023 at 10:31:51AM -0800, Antonio Gomez Iglesias wrote:
Name of the issue: Redundant Prefix Issue Description of the issue Under certain microarchitectural conditions, Intel has identified cases where execution of an instruction (REP MOVSB) encoded with a redundant REX prefix may result in unpredictable system behavior resulting in a system crash/hang, or, in some limited scenarios, may allow escalation of privilege from CPL3 to CPL0. This Redundant Prefix Issue is assigned CVE-2023-23583 with a CVSS Base Score of 8.8 High CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. Mitigation Intel is providing a microcode update to mitigate this issue: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20231114
Does this also allow privilege escalation from a VM guest to the host? What are the limited scenarios? -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab
Attachment:
signature.asc
Description:
Current thread:
- CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Antonio Gomez Iglesias (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Demi Marie Obenour (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Solar Designer (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Solar Designer (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) HW42 (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Antonio Gomez Iglesias (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) HW42 (Nov 14)
- Re: CVE-2023-23583: Intel - Denial of Service - Privilege Escalation (Reptar) Demi Marie Obenour (Nov 14)