oss-sec mailing list archives
Re: AMD Microcode Signature Verification Vulnerability
From: Demi Marie Obenour <demi () invisiblethingslab com>
Date: Tue, 21 Jan 2025 23:38:16 -0500
On Tue, Jan 21, 2025 at 06:31:31PM -0800, Tavis Ormandy wrote:
It looks like an OEM leaked the patch for a major upcoming CPU vulnerability, i.e. "AMD Microcode Signature Verification Vulnerability": https://rog.asus.com/motherboards/rog-strix/rog-strix-x870-i-gaming-wifi/helpdesk_bios/ I'm not thrilled about this - the patch is *not* currently in linux-firmware, so this is the only publicly available patch. However, other people are discussing how to extract them: https://winraid.level1techs.com/t/offer-intel-amd-via-cpu-microcode-archives-1995-present/102857/53
Is this fix effective, or can it be bypassed via a downgrade attack? Since microcode loading can (hopefully!) only be done in ring 0 and SVM root mode, this means that one needs OS kernel access to perform an exploit. However, if an attacker could load arbitrary microcode, they could compromise SMM, SEV-SNP, and DRTM, so this is still pretty bad. -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab
Attachment:
signature.asc
Description:
Current thread:
- AMD Microcode Signature Verification Vulnerability Tavis Ormandy (Jan 21)
- Re: AMD Microcode Signature Verification Vulnerability Demi Marie Obenour (Jan 22)
- Re: AMD Microcode Signature Verification Vulnerability Tavis Ormandy (Jan 22)
- Re: AMD Microcode Signature Verification Vulnerability Solar Designer (Feb 04)
- Re: AMD Microcode Signature Verification Vulnerability Jacob Bachmeyer (Feb 05)
- Re: AMD Microcode Signature Verification Vulnerability trinity pointard (Feb 06)
- Re: AMD Microcode Signature Verification Vulnerability Jacob Bachmeyer (Feb 06)
- Re: AMD Microcode Signature Verification Vulnerability Tavis Ormandy (Jan 22)
- Re: AMD Microcode Signature Verification Vulnerability Solar Designer (Mar 05)
- Re: AMD Microcode Signature Verification Vulnerability Jacob Bachmeyer (Mar 05)
- Re: AMD Microcode Signature Verification Vulnerability Solar Designer (Mar 05)
- Re: AMD Microcode Signature Verification Vulnerability Jacob Bachmeyer (Mar 05)
- Re: AMD Microcode Signature Verification Vulnerability Solar Designer (Mar 05)
- Re: AMD Microcode Signature Verification Vulnerability Demi Marie Obenour (Jan 22)