After being alerted by Google security researchers, Intel has just announced the Reptar security flaw affecting several of the company’s processors. The list includes the latest Alder Lake, Raptor Lake and Sapphire Rapids architectures. This flaw has the potential to “enable elevation of privileges and/or disclosure of information and/or denial of service via local access […] In addition, the vulnerability could potentially lead to disclosure of information or elevation of privileges”. The full list of processors affected by this flaw, referenced by Intel as CVE-2023-23583, is available here.
Microcode has already been released, but the best way to mitigate this vulnerability is at hardware level. It’s interesting to note that the 14th generation is not affected by this flaw, which means that a number of processors have already been corrected in hardware.
Other processors can therefore benefit from a software patch, in the form of microcode and globally. Now, let’s be objective: very few users run any risk in using their machine as a result of this breach. However, it is indisputable that the accumulation of these software patches eventually leads to a loss of performance for the overall system. For the moment, this has not been measured, but more information is expected on this precise subject.