Greetings from the VMware Security Response Center!
On November 14th, 2023, a REX prefix vulnerability impacting Intel processors was disclosed in INTEL-SA-00950.
Identified by CVE-2023-23583, this vulnerability has been classified by Intel as ‘High’ in severity with a CVSSv3.1 base score of 8.8.
VMware hypervisors may be impacted by CVE-2023-23583 if they are utilizing an impacted Intel processor, but hypervisor patches are not required to resolve the vulnerability.
It is our recommendation that organizations using VMware hypervisors review INTEL-SA-00950 to determine if their Intel processor family is impacted by CVE-2023-23583. Impacted organizations should contact their hardware vendors for a firmware update if one is not already available.