Vulnerability Note VU#631788
Multiple BIOS implementations permit unsafe SMM function calls to memory locations outside of SMRAM
Original Release date: 20 Mar 2015 | Last revised: 20 Mar 2015

Overview
Multiple BIOS implementations permit unsafe System Management Mode (SMM) function calls to memory locations outside of SMRAM.

Description
Multiple BIOS implementations permit unsafe System Management Mode (SMM) function calls to memory locations outside of SMRAM. According to Corey Kallenberg of LegbaCore:

System Management Mode (SMM) is the most privileged execution mode on the x86 processor. Non-SMM code can neither read nor write SMRAM (SMM RAM). Hence, even a ring 0 level attacker should be unable to gain access to SMM.

However, on modern systems, some SMM code calls or interprets function pointers located outside of SMRAM in an unsafe way. This provides opportunity for a ring 0 level attacker to break into SMM.

In order to exploit the vulnerability, an attacker must have access to physical memory. The attacker can gain code execution in the context of SMM by first manipulating a function pointer or function called by SMM and then writing bytes to System Management Interrupt (SMI) command port 0xb2 to trigger SMM.

Impact
A local, authenticated attacker may be able to execute arbitrary code in the context of SMM and bypass Secure Boot. In systems that do not use protected range registers, an attacker may be able to reflash firmware.

Solution
Please see the Vendor Information section below to determine if your system may be affected. We are continuing to communicate with vendors as they investigate these vulnerabilities.

Intel has provided the following mitigation guidance for vendors:

Starting in Haswell-based client and server platforms, the "SMM Code Access Check" feature is available in the CPU. If SMM code enables this in the appropriate MSR, then logical processors are prevented from executing SMM code outside the ranges defined by the SMRR. If SMI code jumps outside these ranges, the CPU will assert a machine check exception. During BIOS development, this can be an effective mechanism for BIOS developers to identify insecure call-outs from SMM, and during runtime, this feature can also be effective at blocking certain attacks that redirect SMM execution outside SMRAM.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate UpdatedDell Computer Corporation, Inc.Affected10 Dec 201419 Mar 2015
Hewlett-Packard CompanyAffected10 Dec 201419 Mar 2015
IBM CorporationNot Affected10 Dec 201408 Jan 2015
Insyde Software CorporationNot Affected10 Dec 201402 Feb 2015
Intel CorporationNot Affected10 Dec 201402 Mar 2015
American Megatrends Incorporated (AMI)Unknown10 Dec 201410 Dec 2014
AppleUnknown10 Dec 201410 Dec 2014
AsusTek Computer Inc.Unknown10 Dec 201410 Dec 2014
GatewayUnknown10 Dec 201410 Dec 2014
LenovoUnknown10 Dec 201410 Dec 2014
Phoenix Technologies Ltd.Unknown10 Dec 201410 Dec 2014
Sony CorporationUnknown10 Dec 201410 Dec 2014
ToshibaUnknown10 Dec 201410 Dec 2014If you are a vendor and your product is affected, let
us know.

CVSS Metrics (Learn More)

Group
Score
Vector

Base
6.0
AV:L/AC:H/Au:S/C:C/I:C/A:C

Temporal
5.1
E:POC/RL:U/RC:UR

Environmental
5.3
CDP:MH/TD:M/CR:ND/IR:H/AR:ND

References

http://en.wikipedia.org/wiki/System_Management_Mode

Credit

Thanks to Corey Kallenberg of LegbaCore for reporting this vulnerability.
This document was written by Joel Land.

Other Information

CVE IDs:
CVE-2015-0949

Date Public:
20 Mar 2015

Date First Published:
20 Mar 2015

Date Last Updated:
20 Mar 2015

Document Revision:
21

FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email.

Leave a Reply