CVE-2024-36347

Published: 05 Mar 2025
Source: redhat
CVSS3: 7.5
EPSS: Low

Description

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

A flaw was found in AMD processors. This flaw allows an attacker with system administration privileges to exploit an issue in the signature verification in the AMD CPU ROM microcode patch loader, allowing the load of malicious microcode. This issue could impact the integrity of x86 instruction execution, confidentiality, and data integrity in x86 CPU-privileged context and compromise the SMM execution environment.

Report

Red Hat has very limited to no visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content and in most cases merely acts as a release vehicle between the third-party vendor and Red Hat customers with no possibility of influencing or even documenting the changes. Unless explicitly stated, the level of insight, oversight, and control Red Hat has does not meet the criteria required (in terms of Red Hat ownership of development processes, QA, and documentation) for releasing this content as a RHSA. For more information, please contact the binary content vendor. AMD believes this issue is caused by a weakness in the signature verification algorithm and the vulnerability could allow an administrator-privileged attacker to load arbitrary CPU microcode patches. Malicious CPU microcode results in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

Mitigation

Mitigation requires updating the BIOS to update the CPU firmware. The bug affects hardware in processors of the AMD EPYC™ family: Naples, Rome, Milan, Milan-X, Genoa, Genoa-X, Bergamo/Siena and Raphael.

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 10 | kernel | Not affected | | |
| Red Hat Enterprise Linux 6 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | | |
| Red Hat Enterprise Linux 8 | kernel | Not affected | | |
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | | |
| Red Hat Enterprise Linux 9 | kernel | Not affected | | |
| Red Hat Enterprise Linux 9 | kernel-rt | Not affected | | |

Additional information

Status: Important
Defect: CWE-99
https://bugzilla.redhat.com/show_bug.cgi?id=2336412 kernel: hw:amd: Improper signature verification in AMD CPU ROM microcode patch loader

EPSS: 0.00008 (Low)
Percentile: 1%

CVSS3: 7.5 High

Related vulnerabilities

CVSS3: 6.4
ubuntu
7 months ago

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

CVSS3: 6.4
nvd
7 months ago

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

CVSS3: 6.4
debian
7 months ago

Improper signature verification in AMD CPU ROM microcode patch loader ...

CVSS3: 6.4
github
7 months ago

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

CVSS3: 6.4
fstec
more than 1 year ago

The vulnerability in the firmware update loader of AMD processors is associated with improper verification of a cryptographic signature. Exploitation of the vulnerability may allow an attacker to execute arbitrary code and disable System Management Mode (SMM) protection.
