AMD za kugwira ntchito yokonza zofooka zingapo ""(CVE-2020-12890), yomwe imakupatsani mwayi wowongolera firmware ya UEFI ndikuyika ma code pamlingo wa SMM (System Management Mode). Kuwukira kumafuna mwayi wopezeka ndi zida kapena mwayi wopita kudongosolo lokhala ndi ufulu woyang'anira. Ngati kuukira kopambana, wowukirayo angagwiritse ntchito mawonekedwe (AMD Generic Encapsulated Software Architecture) kuti apereke code yokhazikika yomwe singawululidwe kuchokera pamakina opangira.
Zowopsa zilipo mu code yomwe ikuphatikizidwa mu firmware ya UEFI, yochitidwa (Ring -2), yomwe ili patsogolo kwambiri kuposa mawonekedwe a hypervisor ndi ziro zodzitchinjiriza, ndipo ili ndi mwayi wofikira kukumbukira kwamakina onse. Mwachitsanzo, atapeza mwayi wogwiritsa ntchito OS chifukwa chogwiritsa ntchito zovuta zina kapena njira zamaukadaulo, wowukira atha kugwiritsa ntchito zovuta za SMM Callout kuti adutse UEFI Secure Boot, kubaya code yoyipa yosaoneka kapena rootkits mu SPI Flash, ndikuyambitsanso kuwukira. pa ma hypervisors kuti adutse njira zowonera kukhulupirika kwa malo omwe ali.
Kuwonongekaku kumayambitsidwa ndi cholakwika mu code ya SMM chifukwa chosowa kuyang'ana adilesi yomwe mukufuna poyimbira SmmGetVariable() ntchito mu chogwirizira cha 0xEF SMI. Vutoli limatha kulola wowukira kuti alembe zidziwitso zosasinthika ku kukumbukira kwamkati kwa SMM (SMRAM) ndikuyiyendetsa ngati ma code ndi mwayi wa SMM. Malinga ndi deta yoyambirira, vutoli likuwonekera mu ma APU (AMD Fusion) kwa ogula ndi makina ophatikizidwa opangidwa kuchokera ku 2016 mpaka 2019. AMD yapereka kale opanga ma boardboard ambiri okhala ndi zosintha za firmware zomwe zimakonza vutoli, ndipo zosinthazo zikukonzekera kutumizidwa kwa opanga otsala kumapeto kwa mweziwo.
Source: opennet.ru