Meet Reptar And CacheWarp
Today reveals another set of security concerns about the microcode on certain AMD and Intel CPUs. The flaws are not easy to leverage but theoretically could be used, and so patching is a wise idea. Thankfully neither the Intel patch against Reptar nor AMD’s CacheWarp fix will have no impact on performance, so you won’t have to balance security and usability. The Intel patch for Sapphire Rapids, Alder Lake, and Raptor Lake should show up on your machine in the near future, while AMD’s patch will only be pushed to vulnerable machines.
The CacheWarp vulnerability targets AMD Secure Encrypted Virtualization so the vast majority of users should have no concerns, system admins on the other hand should keep an eye out. An attacker uses page table errors to force the VM to pull stale data from a memory cache, allowing them to attempt to revert a variable to a previous state. An example of this is to revert an unauthenticated session to one which was authenticated, thus gaining access to your VM. The Register’s links will take you to the proof of concept and AMD’s announcement.
Intel’s Reptar is a little more concerning, originally given a low rating as leveraging redundant prefixes generally would just lead to denial of service by hanging or crashing the system. Further investigation revealed that it could also be abused to escalate privileges, which significantly raised the vulnerability rating. This one is being pushed, so you should be patched soon, and you should not see any impact on performance.