Various vulnerabilities were disclosed in AMD and Intel processors

Recently the various vulnerabilities were disclosed that affect both AMD and Intel processors. Of the bugs that were corrected In the case of AMD, 22 vulnerabilities have been eliminated in the first, second and third generation of AMD EPYC series server processors that compromise the operation of the PSP (Platform Security Processor), SMU (System Management Unit) and SEV (Secure Encrypted Virtualization) technologies.

In addition, 6 problems had already been identified in 2020 and 16 in 2021. Google employees identified eleven vulnerabilities during internal security studies, six by Oracle and five by Microsoft.

For OEMs, updated AGESA (AMD Generic Encapsulated Software Architecture) firmware kits have been released, blocking problem manifestation in an alternative way. Hewlett Packard Enterprise, Dell, Supermicro, and Lenovo have already released BIOS and UEFI firmware updates for their server systems.

During security reviews in collaboration with Google, Microsoft and Oracle, potential vulnerabilities were discovered and mitigated in the AMD Platform Security Processor (PSP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV) and other components of the platform. in AMD EPYC ™ AGESA ™ PI packages.

4 vulnerabilities are classified as dangerous (details have not been revealed yet):

  • CVE-2020-12954: ability to bypass the protection mechanisms of the SPI ROM by manipulating certain internal chipset settings. The vulnerability allows an attacker to modify SPI Flash to inject malicious code or rootkits that are invisible to the system.
  • SVE-2020-12961- A vulnerability in the processor PSP (AMD Security Processor), which is used to run a protected sandbox inaccessible from the main operating system, allows an attacker to reset any privileged processor registers in SMN (System Management Network) and bypass SPI Protection ROM.
  • CVE-2021-26331- A bug in the processor built-in SMU (System Management Unit), used to manage power consumption, voltage, and temperature, allows an unprivileged user to get their code executed with elevated privileges.
  • CVE-2021-26335: Incorrect validation of the input data in the code loader for the PSP processor allows you to apply values ​​controlled by the attacker in the pre-verification stage of the digital signature and achieve the execution of your code on the PSP.

Moreover, the elimination of the vulnerability is also mentioned (CVE-2021-26334) in the toolkit AMD μProf, supplied for Linux and FreeBSD, and used to analyze performance and power consumption. The problem is present in the AMDPowerProfiler driver and allows a user to gain access to the MSR (Model-specific registration) to organize the execution of your code at the level of the zero protection ring (ring-0). The vulnerability was fixed in the update amduprof-3.4-502 for Linux and AMDuProf-3.4.494 for Windows.

Now in the case of the problems that were eliminated in Intel processors, these were made known during the publication of the quarterly vulnerability reports in their products, among which the following aspects stand out:

  • CVE-2021-0146: is a vulnerability in the Intel Pentium, Celeron and Atom processors for desktop and mobile systems that allows a user with physical access to the computer to achieve privilege escalation by activating debugging modes. The hardware allows the activation of test or debug logic at runtime for some Intel processors.
  • CVE-2021-0157, CVE-2021-0158: vulnerabilities in the BIOS reference code supplied to initialize Intel Xeon (E / W / Scalable), Core (7/10 / 11gen), Celeron (N) and Pentium Silver processors. The problems are caused by incorrect input validation or incorrect flow control in the BIOS firmware and allow privilege escalation with local access.

Finally, if you are interested in knowing more about it About the reports released by AMD and Intel on the elimination of the vulnerabilities found, you can consult the details in the following links.

https://www.amd.com

https://www.intel.com


Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.