

# **Security Bulletin**

# Intel Redundant Prefix Issue

Author(s) : Eviden PSIRT

Reference : PSIRT-626

Created : 12 April 2024

Version : 2.8

Status : Remediation

TLP Classification : CLEAR

Document date : 18 March 2025

Keywords : CVE-2023-23583

# TLP:CLEAR

Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction.

FOR PUBLIC USE

**Eviden PSIRT** 

Intel Redundant Prefix Issue - CVE-2023-23583

# List of changes

| Version | Date       | Description                                                                  |
|---------|------------|------------------------------------------------------------------------------|
| 0.1     | 2023/11/14 | Initial neutralization version                                               |
| 0.2     | 2023/12/17 | Adding internal PSIRT reference                                              |
| 0.3     | 2024/01/29 | TS ETA added<br>Eaglestream components added with TS                         |
| 0.4     | 2024/04/12 | BIOS version for Bullsequana SA version added                                |
| 0.5     | 2024/09/31 | TS version for BullSequana SH updated<br>TS for BullSequana EX updated       |
| 0.6     | 2024/12/03 | URL for BullSequana E added to bulletin, change TS information (Edge)        |
| 0.7     | 2025/02/27 | TS version added to table                                                    |
| 2.8     | 2025/03/18 | Status changed for Remediation, TLP changed for CLEAR                        |

# **Executive summary**

Intel has released a Security Bulletin, INTEL-SA-00950 2024.1 IPU, addressing the Intel® Processor Advisory associated with the CVE-2023-23583 vulnerability. That bulletin introduces an updated microcode that mitigates the vulnerability affecting BullSequana servers.

Some Intel processors may exhibit unexpected behavior when executing a particular sequence of instructions. This could potentially allow an authenticated user with local access to escalate privileges, disclose information, or cause a denial of service.

A skilled user who has authenticated to the local operating system could therefore severely affect the confidentiality (high), integrity (high) and availability (high) of a system, through escalation of privilege, information disclosure or denial of service. These outcomes are made possible by a sequence of processor instructions that triggers unexpected behavior in certain Intel® processors.

# **Vulnerability Info**

| CVE No.        | CVSS Score | Type of Vulnerability                                                      | CVSS Vector                         |
|----------------|------------|----------------------------------------------------------------------------|-------------------------------------|
| CVE-2023-23583 | 8.8        | CWE-1281 - Sequence of Processor Instructions Leads to Unexpected Behavior | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |


# Affected products

Whether a product is affected depends on the exact version of the processor it embeds. Intel processors report their exact version through the CPUID instruction.

### Windows operating systems

Follow Intel's instructions to obtain your CPUID; the CPUID is part of the processor ID.



### Linux operating systems

To obtain the CPUID of your Intel CPU, use the following command.

```
# Assemble the CPUID from the family, model and stepping reported by lscpu
lscpu | awk '
($1 == "Model:"){m1=$2/16; m2=$2%16}\
($1 == "Stepping:"){step=$2}\
($1 " " $2 == "CPU family:"){family=$3}\
END{printf("%.1x%.2x%.1x%.1x\n",m1,family,m2,step)} '
```

Example run on a processor whose CPUID is 806ec:

```
$ lscpu | awk '
($1 == "Model:"){m1=$2/16; m2=$2%16}\
($1 == "Stepping:"){step=$2}\
($1 " " $2 == "CPU family:"){family=$3}\
END{printf("%.1x%.2x%.1x%.1x\n",m1,family,m2,step)} '
806ec
```

#### List of affected CPUID

The reference for affected CPUIDs is Intel's consolidated list of affected processors. The affected CPUIDs that may be found in BullSequana platforms are the following:

| Component name   | CPUID | MCU        | Comments |
|------------------|-------|------------|----------|
| Ice Lake Xeon-SP | 606A6 | 0x0d0003b9 |          |
| Ice Lake D       | 606C1 | 0x01000268 |          |
| Sapphire Rapids  | 806F8 | 0x2B000461 |          |
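The following Python script is an added illustration, not part of the bulletin: it does on a Linux host what the awk one-liner and the table above do by hand, deriving the CPUID signature from family/model/stepping, looking it up in the affected list and comparing the running microcode revision reported in /proc/cpuinfo with the listed MCU. The /proc/cpuinfo excerpt is constructed, and the assumption that, for one CPUID, a higher microcode revision supersedes the listed one is mine.

```python
# Mitigating microcode (MCU) revisions per CPUID, copied from the bulletin's
# "List of affected CPUID" table.
AFFECTED = {
    "606A6": ("Ice Lake Xeon-SP", 0x0D0003B9),
    "606C1": ("Ice Lake D", 0x01000268),
    "806F8": ("Sapphire Rapids", 0x2B000461),
}

def cpuid_signature(family, model, stepping):
    """CPUID as Intel and this bulletin write it (e.g. 806F8): high model nibble,
    2-digit family, low model nibble, stepping. Same layout as the awk one-liner."""
    return "%.1X%.2X%.1X%.1X" % (model // 16, family, model % 16, stepping)

def parse_proc_cpuinfo(text):
    """Family, model, stepping and running microcode revision of the first
    logical CPU in /proc/cpuinfo-style text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if not sep or key in fields:
            continue  # not a "key : value" line, or a later CPU's copy
        if key in ("cpu family", "model", "stepping"):
            fields[key] = int(value)
        elif key == "microcode":
            fields[key] = int(value, 16)  # the kernel prints it as 0x...
    return fields

def assess(cpuinfo_text):
    """Place a host in the bulletin's table; returns (CPUID, verdict)."""
    f = parse_proc_cpuinfo(cpuinfo_text)
    sig = cpuid_signature(f["cpu family"], f["model"], f["stepping"])
    if sig not in AFFECTED:
        return sig, "not in this bulletin's affected list"
    name, required = AFFECTED[sig]
    # Assumption: within one CPUID a higher microcode revision supersedes a
    # lower one, so running >= the listed MCU means the fix is present.
    verdict = "mitigated" if f["microcode"] >= required else "microcode update needed"
    return sig, "%s: running 0x%08x, fix 0x%08x, %s" % (name, f["microcode"], required, verdict)

# Constructed /proc/cpuinfo excerpt for a Sapphire Rapids host (not a real capture).
SAMPLE_CPUINFO = """\
cpu family\t: 6
model\t\t: 143
model name\t: constructed sample
stepping\t: 8
microcode\t: 0x2b000181
"""
```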

## List of Enterprise and Edge servers

BullSequana Enterprise SA, SH and Edge EX servers are affected.


The table below gives the Technical State (TS) to apply in order to implement Intel's mitigation.

| CPUID | Bull Sequana SA11i | Bull Sequana SA21i | Bull Sequana SA21Si | Bull Sequana SH | Bull Sequana EX |
|-------|--------------------|--------------------|---------------------|-----------------|-----------------|
| 806F8 | TS-SA1-0001 F21    | TS-SA1-0001 F18    | TS-SA1-0001 F18     | TS45.01         | TS44.01         |

## List of HPC products

BullSequana X400-A5, X400-A6, X400-E5, X800 and X1000 series are not affected.

The table below gives the Technical State (TS) to apply in order to implement Intel's mitigation.

| CPUID | Bull Sequana XH2135 (CIR) | Bull Sequana XH2140 (C4E) | Bull Sequana X3140 (TRIO) | Bull Sequana X3145 (TIYA) | Bull Sequana X400-E7 |
|-------|---------------------------|---------------------------|---------------------------|---------------------------|----------------------|
| 606A6 | TS69.02 (11/2024)         | N/A                       | N/A                       | N/A                       | X430-E7 2U1N1S: F21<br>X430-E7 2U1N2S: F18<br>X440-E7 2U4N2S: F19<br>X450-E7 2U1N2S_2G: F16 |
| 606C1 | TS69.02 (11/2024)         | N/A                       | N/A                       | N/A                       | X430-E7 2U1N1S: F21<br>X430-E7 2U1N2S: F18<br>X440-E7 2U4N2S: F19<br>X450-E7 2U1N2S_2G: F16 |
| 806F8 | N/A                       | TS69.02 (11/2024)         | TS13.02 (11/2023)         | TS13.01 (09/2023)         | N/A                  |

### Disclaimer

Although Eviden makes every effort to provide accurate and complete information, Eviden shall not be liable if the above tables are incomplete or erroneous. While the vulnerability analysis process is ongoing, the information in this document is subject to change without notice to reflect new results of that analysis.

TS (technical state) with no number indicates that a new technical state fixing the vulnerabilities is scheduled.




TBD (to be defined) indicates that a new technical state fixing the vulnerabilities is under study.

Unpatched means that the vulnerability is presumably present, but there is no plan to provide a fix. This can be investigated on demand.

### Recommendations

Eviden recommends applying its Technical States upgrade on its servers as soon as they are made available.

Intel advises keeping the microcode up to date by installing the latest versions provided in the IPU 2023.4 Out of Band (OOB) Guidance Document. The availability dates for these updates are updated frequently and can be consulted in the IPU 2023.4 Out of Band (OOB) Guidance tab. Additionally, the microcode patch can be loaded by the operating system.

To update the microcode stored in the platform flash and referenced by the firmware interface table (FIT) entry point, Intel advises following the steps it documents. Detailed steps on the microcode loading points can be found at:

https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/secure-coding/loading-microcode-os.html

## **Available Vendor Patches**

No validated patch is available at the time. Eviden is working with its suppliers to distribute updates as soon as possible.

Technical State links for Eviden servers are listed in the table below.

| Product             | Technical State link                                                                         |
|---------------------|----------------------------------------------------------------------------------------------|
| Bull Sequana XH2000 | https://support.bull.com/ols/product/platforms/hw-extremcomp/sequana/xh2000/dl/pkgf/pkg      |
| Bull Sequana E      | https://support.bull.com/ols/product/platforms/bullion/bullsequana-edge-servers/dl/pkgf/pkgf |

## **Available Workarounds**

No workaround is available.

# **Available Mitigations**

No mitigation identified.

# Available Exploits/PoC

Eviden is not aware of any exploitation of the reported vulnerabilities.


## References

1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html
2. https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html
3. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/secure-coding/loading-microcode-os.html

# Glossary of terms

| Term           | Description                                                                                                                                                          |
|----------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Mitigation     | Refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability |
| Neutralization | The neutralization phase is the decision-making process during which the risk posed by an incident is evaluated.                                                     |
| PoC            | Proof of Concept                                                                                                                                                     |
| Remediation    | The remediation phase ends with the delivery of a qualified solution/update fixing the vulnerability without regression.                                             |
| TI             | Threat Intelligence                                                                                                                                                  |
| TLP            | Traffic Light Protocol (TLP) FIRST Standards Definitions and Usage Guidance, Version 2.0. <u>https://www.first.org/tlp/</u>                                          |
| Workaround     | Refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update |

## About this document

Eviden continuously monitors the security of its products. This Security Bulletin is shared under the constraints of the FIRST Traffic Light Protocol version 2.0 (TLP) to bring the described situation to the attention of owners of the potentially affected Eviden products. Eviden recommends that all product owners determine whether the described situation applies to their individual case and take appropriate action.

Although Eviden makes every effort to provide accurate and complete information, Eviden shall not be liable for technical or editorial errors contained in this Bulletin. The information is provided "as is" without warranty of any kind. To the extent permitted by law, neither Eviden nor its affiliates, subcontractors or suppliers will be liable for incidental damages, downtime cost, lost profits, damages relating to the procurement of substitute products or services, or damages for loss of data or software restoration. Product and company names mentioned herein may be trademarks of their respective owners.

The information in this document is subject to change without notice. The version of this document will be incremented according to the changes:

- Neutralization security bulletins are numbered 0.x
- Privately disclosed Remediation security bulletins are numbered 1.x
- Publicly disclosed Remediation security bulletins are numbered 2.x

Updated versions of this document can be found on:

https://support.bull.com/ols/product/security/psirt


### **About Atos**

Atos is a global leader in digital transformation with 105,000 employees and annual revenue of c. € 11 billion. European number one in cybersecurity, cloud and high-performance computing, the Group provides tailored end-to-end solutions for all industries in 69 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos is a SE (Societas Europaea) and listed on Euronext Paris.

The <u>purpose of Atos</u> is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

## About Eviden<sup>1</sup>

<u>Eviden</u> is a next-gen technology leader in data-driven, trusted and sustainable digital transformation with a strong portfolio of patented technologies. With worldwide leading positions in advanced computing, security, AI, cloud and digital platforms, it provides deep expertise for all industries in more than 47 countries. Bringing together 53,000 world-class talents, Eviden expands the possibilities of data and technology across the digital continuum, now and for generations to come. Eviden is an Atos Group company with an annual revenue of c. € 5 billion.


<sup>1</sup> Eviden business is operated through the following brands: AppCentrica, ATHEA, Cloudamize, Cloudreach, Cryptovision, DataSentics, Edifixio, Energy4U, Engage ESM, Evidian, Forensik, IDEAL GRP, In Fidem, Ipsotek, Maven Wave, Profit4SF, SEC Consult, Visual BI, Worldgrid, X-Perion. Eviden is a registered trademark. © Eviden SAS, 2023.