Intel emits patch to squash chip bug that lets any guest VM crash host servers

Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips.

The flaw, designated INTEL-SA-00950 and given a CVSS 3.0 score of 8.8 out of 10, affects Intel Sapphire Rapids, Alder Lake, and Raptor Lake chip families.

“At the request of customers, including OEMs and CSPs, this process typically includes a validation, integration, and deployment window after Intel deems the patch meets production quality, and helps ensure that mitigations are available to all customers on all supported Intel platforms when the issue is publicly disclosed. While Intel is not aware of any active attacks using this vulnerability, affected platforms have an available mitigation via a microcode update.”

HPE and Nvidia offer ‘turnkey’ supercomputer for AI training Downfall fallout: Intel knew AVX chips were insecure and did nothing, lawsuit claims Intel to build hush-hush fabs to bake chips for US military UK bets on Intel CPUs and GPUs, Dell boxen, OpenStack for Dawn supercomputer.

Initially Intel planned to issue a patch in its Intel Platform Update bundle scheduled for March 2024.

The chip giant’s paper explains, “Under certain microarchitectural conditions, Intel has identified cases where execution of an instruction encoded with a redundant REX prefix may result in unpredictable system behavior resulting in a system crash/hang, or, in some limited scenarios, may allow escalation of privilege from CPL3 to CPL0.”.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

Recent News

Featured Services

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

BOOK A MEETING

Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.