Intel out-of-band patch addresses privilege escalation flaw The Register

Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips. The flaw, designated INTEL-SA-00950 and given a CVSS 3.0 score of 8.8 out of 10, affects Intel Sapphire Rapids, Alder Lake, and Raptor Lake chip families. It's being addressed with a microcode update as part of Intel's Patch Tuesday bundle of 31 security advisories that cover 104 CVEs. "Intel discovered this issue internally and was already preparing the ecosystem to release a mitigation through our well-documented Intel Platform Update process," the company said in a statement provided to The Register. "At the request of customers, including OEMs and CSPs, this process typically includes a validation, integration, and deployment window after Intel deems the patch meets production quality, and helps ensure that mitigations are available to all customers on all supported Intel platforms when the issue is publicly disclosed. While Intel is not aware of any active attacks using this vulnerability, affected platforms have an available mitigation via a microcode update." According to a post by Jerry Bryant, senior director of incident response and security communications at Intel, the chip biz's own researchers found the vulnerability, dubbed "Redundant Prefix," while reviewing upcoming functional errata - defects or errors where chips deviate from specifications. HPE and Nvidia offer 'turnkey' supercomputer for AI training Downfall fallout: Intel knew AVX chips were insecure and did nothing, lawsuit claims Intel to build hush-hush fabs to bake chips for US military UK bets on Intel CPUs and GPUs, Dell boxen, OpenStack for Dawn supercomputer. Initially Intel planned to issue a patch in its Intel Platform Update bundle scheduled for March 2024. Subsequent analysis found that there was a way to abuse this issue for privilege escalation. So Intel rescheduled the fix date for November 2023. Separately, according to Bryant, a Google researcher reported finding the same denial of service flaw that Intel's researchers had found internally. Citing a 90-day disclosure policy, Google planned to reveal its findings on November 14, 2023, which coincided with Intel's out-of-band update. Google calls the vulnerability Reptar and in a report, provided to The Register, explains that the issue arises from the way that redundant instruction prefixes are interpreted by the CPU, which can allow security boundaries to be bypassed. "The full rules are complicated, but in general, if you use a prefix that doesn't make sense or conflicts with other prefixes, we call those redundant. Usually, redundant prefixes are ignored." According to Google, an attacker in a multi-tenant virtualized environment could use this vulnerability to target a guest machine in a way that would take down the host, resulting in a denial-of-service for other guests on that host. Or it could lead to the exposure of information or privilege escalation, as noted by Intel. Intel plans to publish a technical paper on Redundant Prefix as well as an explanatory video. The chip giant's paper explains, "Under certain microarchitectural conditions, Intel has identified cases where execution of an instruction encoded with a redundant REX prefix may result in unpredictable system behavior resulting in a system crash/hang, or, in some limited scenarios, may allow escalation of privilege from CPL3 to CPL0.". Intel said it doesn't foresee this coming up for any non-malicious software, since redundant REX prefixes are not typically present in code or generated by compilers. A spokesperson for the chip slinger told The Register that the update is OS loadable, meaning it can be applied without a system reboot, and no performance impact or behavioral changes have been observed as a result of the fix.

This Cyber News was published on www.theregister.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Intel out-of-band patch addresses privilege escalation flaw The Register

Intel out-of-band patch addresses privilege escalation flaw The Register - Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips. The flaw, designated INTEL-SA-00950 and given a CVSS 3.0 score of 8.8 out of 10, affects Intel ...
10 months ago Theregister.com
Intel knew AVX chips were insecure and did nothing - Intel has been sued by a handful of PC buyers who claim the x86 goliath failed to act when informed five years ago about faulty chip instructions that allowed the recent Downfall vulnerability, and during that period sold billions of insecure chips. ...
10 months ago Theregister.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
6 months ago Cisa.gov
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
CVE-2022-37327 - Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, Intel(R) NUC 11 Compute Element, Intel(R) NUC ...
1 year ago
How Patch Management Software Solves the Update Problem - I've never met an IT leader who doesn't know how important patch management is. At Heimdal, we believe patch management software provides the solution to this problem. Patch management software is a technology that allows businesses to automate the ...
3 months ago Heimdalsecurity.com
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
Chipmaker Patch Tuesday: Intel, AMD Address New Microarchitectural Vulnerabilities - Chipmakers Intel and AMD have published 10 new security advisories this Patch Tuesday to inform customers about vulnerabilities impacting their products. Intel published eight new advisories, including two that describe high-severity vulnerabilities. ...
6 months ago Securityweek.com
Israel $3.2bn Grant For Intel's $25 Billion Chip Factory - Intel to make its largest ever single investment in Israel, with a $25 billion chip-making factory in the south of the country. Intel and the Israeli government have confirmed plans to construct a $25 billion chip-making factory in Southern Israel. ...
9 months ago Silicon.co.uk
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
6 months ago Cisa.gov
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
4 months ago Tenable.com
Intel Discloses Max Severity Bug in Its AI Model Compression Software - Intel has disclosed a maximum severity vulnerability in some versions of its Intel Neural Compressor software for AI model compression. The bug, designated as CVE-2024-22476, provides an unauthenticated attacker with a way to execute arbitrary code ...
4 months ago Darkreading.com
March Patch Tuesday fixes Hyper-V guest-host escape The Register - Patch Tuesday Microsoft's monthly patch drop has arrived, delivering a mere 61 CVE-tagged vulnerabilities - none listed as under active attack or already known to the public. The second critical vulnerability, CVE-2024-21408, is a denial of service ...
6 months ago Go.theregister.com
What Is a Privilege Escalation Attack? Types & Prevention - Privilege escalation is a method that threat actors use to increase their access to systems and data that they aren't authorized to see. This guide to privilege escalation attacks covers the two main types, the avenues attackers use, and detection ...
10 months ago Esecurityplanet.com
Key software patch testing best practices - To ensure a predictable rollout when a patch is deployed across your network, it is important to test it first in a nonproduction environment. Companies install software and firmware patches to fix bugs, remove vulnerabilities and add new features, ...
5 months ago Techtarget.com
How to conduct security patch validation and verification - Validation and verification are important steps in the security patch management lifecycle. They help to determine the impact of a patch on the security and efficiency of an organization's IT assets. Patch validation is the process of examining newly ...
5 months ago Techtarget.com
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
9 months ago Techtarget.com
Juniper Networks fixed a critical authentication bypass flaw in some of its routers - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 ...
3 months ago Securityaffairs.com
Critical Apache Log4j2 flaw still threatens global finance - Critical Apache Log4j2 flaw still threatens global finance. CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise ...
4 months ago Securityaffairs.com
Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
3 months ago Securityaffairs.com
Tech CEO Sentenced to 5 Years in IP Address Scheme - Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan's sentencing comes nearly two years after he pleaded guilty to using an elaborate ...
10 months ago Krebsonsecurity.com
CVE-2017-5682 - Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, ...
5 years ago
Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw - Hackers are actively exploiting a critical flaw in the open source ownCloud platform that allows access to access admin passwords, mail server credentials, and license keys, exposing their enterprise to data breaches or other types of malicious ...
10 months ago Darkreading.com
Intel Spins Off Enterprise Generative AI Deployment Firm Articul8 - Intel and the global investment firm DigitalBridge Group have formed an independent generative AI software stack company, Articul8 AI, Inc.; Intel announced the new company on Jan. 3. Articul8 will work with Intel and provide solutions for ...
9 months ago Techrepublic.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)