CVE-2023-23583, also referred to as Reptar by Google and Redundant Prefix by Intel, is a CPU vulnerability affecting multiple Intel processor families including Sapphire Rapids, Alder Lake, and Raptor Lake. The issue is triggered by a specific sequence of processor instructions involving redundant instruction prefixes; Intel specifically noted REP MOVSB encoded with a redundant REX prefix under certain microarchitectural conditions. This malformed but architecturally accepted instruction sequence can cause unexpected processor behavior, including crashes or hangs, and in limited scenarios may permit privilege escalation. Public reporting also states that the flaw arises from how redundant prefixes are interpreted by the CPU, potentially bypassing CPU security boundaries. Intel describes exploitation as requiring local authenticated access, while reporting from Google and Intel indicates guest VMs in virtualized environments may be able to trigger the condition against the underlying host.
Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
What an attacker gets, and what they’ve been doing with it.
If you can’t patch tonight, do this now.
Patch, then assume compromise.
No public exploits tracked yet. Mallory keeps watching.
No public exploit code observed for this vulnerability.
Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.
Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.
6 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
An Intel processor vulnerability referred to as Reptar, mentioned in the content only as an example in detection guidance affecting specific Intel processor families including Alder Lake, Raptor Lake, and Sapphire Rapids.
A CPU vulnerability in several Intel desktop, mobile, and server CPUs caused by how redundant prefixes are interpreted by the CPU, potentially enabling denial of service, information disclosure, or privilege escalation, especially in multi-tenant virtualized environments.
A vulnerability in recent Intel CPUs involving redundant instruction prefixes that can cause denial of service, bypass security boundaries, and in limited scenarios allow privilege escalation from CPL3 to CPL0, including guest VM impact on hypervisor hosts.
Query your assets running an affected version, and investigate the blast radius.
Every observed campaign linking this CVE to a named adversary.
Malware families riding this exploit, with evidence and IOCs.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Cross-references every affected SKU, including bundled OEM variants.
Community discussion across Reddit, Mastodon, and other social sources.