The rosenbridge backdoor is a small, non-x86 core embedded alongside the main x86 core in the CPU. It is enabled by a model-specific-register control bit, and then toggled with a launch-instruction. The embedded core is then fed commands, wrapped in a specially formatted x86 instruction. The core executes these commands (which we call the 'deeply embedded instruction set'), bypassing all memory protections and privilege checks.

While the backdoor should require kernel level access to activate, it has been observed to be enabled by default on some systems, allowing any unprivileged code to modify the kernel.

The rosenbridge backdoor is entirely distinct from other publicly known coprocessors on x86 CPUs, such as the Management Engine or Platform Security Processor; it is more deeply embedded than any known coprocessor, having access to not only all of the CPU's memory, but its register file and execution pipeline as well.
https://github.com/xoreaxeaxeax/rosenbridge

The title is a bit of clickbait, as so far only VIA C3 processors manufactured between 2001 and 2003 have been proven to be affected, but this is still unsettling: not only is pre-2008 hardware usually believed to be "safe" by privacy enthusiasts, but VIA's general-purpose CPUs were never really able to compete with AMD and Intel, so it's unlikely for this "feature" to have been added (or left enabled to be exact) under pressure from intelligence agencies.

The PoC published on GitHub allows an unprivileged Linux account to get a root shell on vulnerable hardware by exploiting these hidden instructions.
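
For anyone auditing old hardware, the following is an added example (not part of the post above and not the rosenbridge project's code) that reports on Linux whether the MSR control bit described above is set. The MSR number 0x1107 and bit 0 are not given on this page; they are taken from the project's published research and are an assumption here, as are all function names.

```python
import os
import struct

# Assumption (not stated on this page): the control bit is bit 0 of MSR 0x1107,
# as reported in the rosenbridge project's published research.
CONTROL_MSR = 0x1107
CONTROL_BIT = 0

def is_centaur_cpu(cpuinfo_text):
    """True if /proc/cpuinfo text carries the VIA/Centaur CPUID vendor string."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "vendor_id":
            return value.strip() == "CentaurHauls"
    return False

def control_bit_set(raw_msr):
    """Decode the 8 bytes returned by an MSR read and test the control bit."""
    if len(raw_msr) != 8:
        raise ValueError("an MSR read returns exactly 8 bytes")
    (value,) = struct.unpack("<Q", raw_msr)
    return bool((value >> CONTROL_BIT) & 1)

def read_msr(cpu, msr):
    """Read one MSR via the Linux msr driver (needs root and 'modprobe msr')."""
    fd = os.open(f"/dev/cpu/{cpu}/msr", os.O_RDONLY)
    try:
        return os.pread(fd, 8, msr)  # the file offset selects the MSR number
    finally:
        os.close(fd)

def assess(cpuinfo_text, read=read_msr):
    """Return 'not-applicable', 'unknown', 'enabled' or 'disabled'."""
    if not is_centaur_cpu(cpuinfo_text):
        return "not-applicable"
    try:
        raw = read(0, CONTROL_MSR)
    except OSError:
        return "unknown"  # no msr driver, not root, or MSR not implemented
    return "enabled" if control_bit_set(raw) else "disabled"

if __name__ == "__main__":
    try:
        with open("/proc/cpuinfo") as f:
            print(assess(f.read()))
    except OSError:
        print("unknown")  # not Linux, or /proc not mounted
```

An "enabled" result on a machine where nothing privileged has touched that register corresponds to the enabled-by-default case described above.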