A new security flaw has been discovered in Intel chips. The vulnerability, linked to a problem interpreting redundant prefixes, can lead to a complete system crash. Alerted by Google, Intel deploys fixes.
Computer security researchers at Google have discovered a flaw in Intel processors. The researchers named the flaw Reptar. It affects most of the company’s processors, including the latest Alder Lake, Raptor Lake, and Sapphire Rapids architectures.
Alerted by Google researchers, Intel confirmed the existence of a vulnerability in its processors. By exploiting it, an attacker can grant himself privileges without the administrator’s knowledge, access sensitive information or cause a denial of service on the machine.
A problem with redundant prefixes
At the heart of the flaw is “a redundant prefix problem”. As Intel explains, “the execution of an instruction (…) coded with a redundant REX prefix” can provoke “a system crash/crash”. In some cases, the flaw opens the door to malicious operations. This type of problem arises when the same prefixes are repeated unnecessarily, which causes malfunctions.
“In general, if you use a prefix that doesn’t make sense or conflicts with other prefixes, we call them redundant. Usually redundant prefixes are ignored,” explains Google in a blog post.
For Tavis Ormandy, the Google researcher behind the discovery of Reptar, the flaw is linked to “how redundant prefixes are interpreted by the CPU”. Ultimately, the flaw makes it possible to “bypass CPU security limits”, sums up Google. It causes “very strange behavior” on the system. According to the chip manufacturer, an attacker must first deploy malicious code to exploit the flaw:
“Intel does not expect this issue to be encountered by real-world non-malware software. Redundant REX prefixes should not be present in code or generated by compilers. Malicious exploitation of this issue requires execution of arbitrary code. Intel has identified the potential for privilege escalation in limited scenarios.”
Intel rolls out patches
To protect its customers, Intel announced the deployment of a series of fixes. Beforehand, the company had already deployed updates to certain Alder Lake, Raptor Lake and Sapphire Rapids chips to correct the situation.
More recently, Intel released a patch for all other affected processors. If you are wondering whether your device is affected, you can consult the list of affected processors at this address. Unsurprisingly, Intel recommends that users “update the affected processors” as soon as possible in order to head off any potential attacks. As always, the process promises to be long and complex. Computer manufacturers will have to push the patch to their devices, which may take some time.
According to Jerry Bryant, Intel’s senior director for incident management and security, Intel engineers had already identified a bug in older processors. The firm had planned to deploy a patch around March 2024. Google’s discovery has pushed Intel to speed things up. According to the manager, “this discovery changed our approach”.
This is not the first security flaw identified by Google on Intel processors. This summer, a vulnerability called “Downfall” had already been spotted by researchers. It allows a hacker to steal sensitive information by delving into a chip’s memory.