Google security researcher Tavis Ormandy has identified a new vulnerability (CVE-2023-23583) in Intel processors, codenamed Reptar, which is primarily a danger to cloud systems running virtual machines of different users. The vulnerability can cause the system to hang or crash when certain operations are performed in an unprivileged guest system. A utility that creates the conditions for the vulnerability to manifest has been published for testing purposes.
In theory, the vulnerability can be used to escalate privileges from ring 3 to ring 0 (CPL0) and to escape from isolated environments, but this scenario has not yet been confirmed in practice because of the difficulty of debugging at the microarchitectural level. Intel's internal testing also showed that the vulnerability could be exploited for privilege escalation under certain conditions.
According to the researcher, the vulnerability affects the Ice Lake, Rocket Lake, Tiger Lake, Raptor Lake, Alder Lake, and Sapphire Rapids families of Intel processors. Intel's report states that the issue affects 10th generation (Ice Lake) Intel Core processors and third generation Xeon Scalable processors, as well as Xeon E/D/W processors (Ice Lake, Skylake, Haswell, Broadwell, Skylake, Sapphire Rapids, Emerald Rapids, Cascade Lake, Cooper Lake) and Jasper Lake, Arizona Beach, Alder Lake, Parker Ridge, Snow Ridge, Elkhart Lake, and Denverton processors. The vulnerability was fixed in microcode update 20231114, released yesterday.
The vulnerability is caused by a specific microarchitectural condition in which executing a "REP MOVSB" instruction encoded with a redundant "REX" prefix leads to undefined behavior. The issue was discovered while testing redundant prefixes, which in theory should be ignored but in practice led to strange effects, such as unconditional branches being ignored and pointer saving breaking in the xsave and call instructions. Further analysis showed that adding a redundant prefix to the "REP MOVSB" instruction corrupts the contents of the ROB (ReOrder Buffer), which is used to order instructions.
The error is believed to be caused by an incorrect calculation of the size of the "MOVSB" instruction, which disrupts the addressing of instructions written to the ROB after the MOVSB with the redundant prefix and shifts the instruction pointer. This desynchronization may be limited to a disruption of intermediate calculations followed by restoration of a consistent state. However, if the failure is triggered on several cores or SMT threads at the same time, it can corrupt the microarchitectural state enough to cause a crash.
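
As an added illustration (not code from the article, the researcher, or Intel), the C sketch below scans a byte buffer for the encoding pattern described above: a prefix run containing REP (F3), then a REX byte (40-4F), then MOVSB (A4). The function name and the sample bytes are constructed for this example; it is a linear byte match rather than a disassembler, so hits in a real binary need manual review.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Legacy (non-REX) prefix bytes that may precede the opcode in 64-bit code. */
static int is_legacy_prefix(uint8_t b) {
    static const uint8_t P[] = {0xF0, 0xF2, 0xF3, 0x26, 0x2E, 0x36,
                                0x3E, 0x64, 0x65, 0x66, 0x67};
    return memchr(P, b, sizeof P) != NULL;
}

/* Linear byte scan (not a disassembler, so hits inside data are possible):
 * flags a prefix run containing REP (F3), then a REX byte (40-4F), then
 * MOVSB (A4). REX carries no meaning for MOVSB, so it is redundant there.
 * Stores up to max_hits start offsets in hits[] and returns the total. */
size_t find_rep_rex_movsb(const uint8_t *buf, size_t len,
                          size_t *hits, size_t max_hits) {
    size_t count = 0, i = 0;
    while (i < len) {
        size_t start = i;
        int has_rep = 0;
        while (i < len && is_legacy_prefix(buf[i]))
            has_rep |= (buf[i++] == 0xF3);
        if (has_rep && i + 1 < len &&
            (buf[i] & 0xF0) == 0x40 && buf[i + 1] == 0xA4) {
            if (count < max_hits) hits[count] = start;
            count++;
            i += 2;
        } else if (i == start) {
            i++;                      /* no prefix consumed: advance one byte */
        }
    }
    return count;
}

/* Constructed sample bytes, scanned as data only (never executed). */
static const uint8_t SAMPLE[] = {
    0xF3, 0xA4,               /* rep movsb: normal, not flagged        */
    0x48, 0x89, 0xC8,         /* mov rax, rcx: REX on another opcode   */
    0xF3, 0x44, 0xA4,         /* rep rex.r movsb: flagged at offset 5  */
    0xF3, 0x48, 0xA5,         /* rep movsq: REX.W is meaningful here   */
    0x66, 0xF3, 0x41, 0xA4,   /* extra 66 prefix: flagged at offset 11 */
    0x44, 0xA4                /* rex movsb without REP: not flagged    */
};
int main(void) {
    size_t hits[8], n = find_rep_rex_movsb(SAMPLE, sizeof SAMPLE, hits, 8);
    for (size_t k = 0; k < n && k < 8; k++) printf("hit at offset %zu\n", hits[k]);
    return 0;
}
```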
Source: opennet.ru
