Intel is rolling out microcode updates for numerous CPUs affected by a high-severity bug. The flaw, designated CVE-2023-23583 and named Reptar by its discoverer, Tavis Ormandy, affects Intel CPUs that support the “fast short repeat move” feature introduced with the Ice Lake architecture.
The “fast short repeat move” feature was developed to fix microcoding bottlenecks, but Google security researcher Tavis Ormandy found that it has a flaw that can lead to unexpected behavior in certain conditions.
This flaw causes all modern CPUs to “enter a glitch state where the normal rules don't apply.” It can cause system crashes even when untrusted code is executed on a guest account of a virtual machine (via Ars Technica).
Intel has released a fix for several CPUs
Yesterday, Intel started rolling out microcode updates for its affected CPUs. The list of products that have received the update includes:
- Intel Core i5-1035G1
- Intel Xeon Gold 5318N
- Intel Xeon D-1726
- Intel Core i7-11700K
- Intel Core i7-1185G7
- Intel Core i5-1155G7
- Intel Core i7-11800H
- Intel Core i5-11400F
Intel CPUs that have already mitigated this issue before the recent microcode update include:
- Intel Core i5-1235U
- 4th Generation Intel Xeon Scalable Family (CPUU ID: 806F8)
- 13th Generation Intel Core Family (CPU ID: B0671)
Intel's microcode update has to be made available by device or motherboard manufacturers. Customers using Intel CPUs from the Ice Lake and newer generations are advised to search for the fix on the website of their device or MB manufacturers.
