LogoFAIL - attack on UEFI firmware through substitution of malicious logos

Researchers from Binarly have identified a series of vulnerabilities in the image-parsing code used in UEFI firmware from various manufacturers. The vulnerabilities allow code execution during boot by placing a specially crafted image in the ESP (EFI System Partition) or in a part of a firmware update that is not digitally signed. The proposed attack method can be used to bypass the UEFI Secure Boot verified boot mechanism and hardware protection mechanisms such as Intel Boot Guard, AMD Hardware-Validated Boot and ARM TrustZone Secure Boot.

The problem arises because firmware allows user-specified logos to be displayed and uses image-parsing libraries for this, which are executed at the firmware level without dropping privileges. It is noted that modern firmware includes code for parsing the BMP, GIF, JPEG, PCX and TGA formats, and that this code contains vulnerabilities that lead to buffer overflows when parsing malformed data.
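As an added illustration of the defensive side of this bug class (not code from Binarly or from any firmware vendor), the following C routine shows the consistency checks an uncompressed BMP logo should pass before any pixel is copied. The function name `bmp_logo_validate`, the 4096-pixel limit and the sample image are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define LOGO_MAX_DIM 4096u /* assumed policy limit for a boot logo, not from the page */

/* Little-endian 32-bit read, byte by byte, so no unaligned loads occur. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical validator: returns 0 when the BMP in buf[0..len) is internally
 * consistent, otherwise a negative code naming the first failed check. */
int bmp_logo_validate(const uint8_t *buf, size_t len) {
    if (!buf || len < 54) return -1;               /* 14-byte file header + 40-byte info header */
    if (buf[0] != 'B' || buf[1] != 'M') return -2; /* magic */
    uint32_t data_off = rd32(buf + 10);
    int32_t width = (int32_t)rd32(buf + 18);
    int32_t height = (int32_t)rd32(buf + 22);
    uint32_t bpp = (uint32_t)(buf[28] | buf[29] << 8);
    if (rd32(buf + 14) != 40) return -3;           /* accept BITMAPINFOHEADER only */
    if (rd32(buf + 30) != 0) return -4;            /* reject compressed (RLE) data */
    if (bpp != 24 && bpp != 32) return -5;         /* no palette code path to get wrong */
    if (width <= 0 || (uint32_t)width > LOGO_MAX_DIM) return -6;
    /* A negative height means top-down rows; INT32_MIN cannot be negated safely. */
    if (height == 0 || height == INT32_MIN) return -7;
    uint32_t rows = (uint32_t)(height < 0 ? -height : height);
    if (rows > LOGO_MAX_DIM) return -7;
    /* 64-bit arithmetic: width * bpp * rows must not wrap before the bounds check. */
    uint64_t stride = (((uint64_t)width * bpp + 31) / 32) * 4;
    uint64_t need = stride * rows;
    if (data_off < 54 || data_off > len) return -8; /* pixel data must start inside the file */
    if (need > (uint64_t)len - data_off) return -9; /* declared pixels must fit in the file */
    return 0;
}

int main(void) {
    /* Constructed sample: 2x2 pixels, 24 bpp, 8-byte row stride, 70 bytes in total. */
    uint8_t img[70] = {0};
    img[0] = 'B'; img[1] = 'M'; img[10] = 54; img[14] = 40;
    img[18] = 2; img[22] = 2; img[26] = 1; img[28] = 24;
    printf("well-formed: %d\n", bmp_logo_validate(img, sizeof img));
    img[19] = 0x40; /* declared width becomes 16386 while the file stays 70 bytes */
    printf("oversized width: %d\n", bmp_logo_validate(img, sizeof img));
    return 0;
}
```

The same header checks can be run offline against logo files found on an ESP or inside an update capsule to flag images whose declared dimensions do not match their size.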

Vulnerabilities have been identified in firmware supplied by various hardware vendors (Intel, Acer, Lenovo) and firmware manufacturers (AMI, Insyde, Phoenix). Because the problematic code is present in reference components provided by independent firmware vendors and used by various hardware manufacturers as the basis for building their own firmware, the vulnerabilities are not vendor-specific and affect the entire ecosystem.

Details of the identified vulnerabilities are promised to be disclosed on December 6 at the Black Hat Europe 2023 conference. The conference presentation will also demonstrate an exploit that allows executing your own code with firmware privileges on systems with x86 and ARM architectures. Initially, the vulnerabilities were identified during analysis of Lenovo firmware built on platforms from Insyde, AMI and Phoenix, but firmware from Intel and Acer was also mentioned as potentially vulnerable.

source: budenet.ru
