AMD mabapi le ho sebetsa ho lokisa letoto la bofokoli ""(CVE-2020-12890), e u lumellang ho fumana taolo ea firmware ea UEFI le ho etsa khoutu ho boemo ba SMM (System Management Mode). Tlhaselo e hloka phihlello ea 'mele ho lisebelisoa kapa phihlello ea sistimi e nang le litokelo tsa batsamaisi. Tabeng ea tlhaselo e atlehileng, mohlaseli a ka sebelisa sebopeho (AMD Generic Encapsulated Software Architecture) ho sebelisa khoutu e sa lebelloang e ke keng ea senoloa ho tsoa ho sistimi e sebetsang.
Bofokoli bo teng khoutu e kenyellelitsoeng ho firmware ea UEFI, e kentsoeng ka har'a (Ring -2), e etelletseng pele ho feta mokhoa oa hypervisor le lesale la ts'ireletso, 'me e na le phihlello e sa lekanyetsoang ea memori eohle ea sistimi. Ka mohlala, ka mor'a ho fumana mokhoa oa ho sebelisa OS ka lebaka la ho sebelisa mekhoa e meng ea bofokoli kapa mekhoa ea boenjiniere ba sechaba, mohlaseli a ka sebelisa bofokoli ba SMM Callout ho feta UEFI Secure Boot, ho kenya khoutu e sa bonahaleng e sa bonahaleng kapa rootkits ho SPI Flash, le ho qala litlhaselo. ho li-hypervisors ho feta mekhoa ea ho lekola bots'epehi ba tikoloho ea sebele.
Bofokoli bo bakoa ke phoso ho khoutu ea SMM ka lebaka la khaello ea ho lekola aterese ea buffer ha o letsetsa SmmGetVariable() tšebetsong ho sebatli sa 0xEF SMI. Phoso ena e ka lumella mohlaseli ho ngola data e sa reroang ho memori ea kahare ea SMM (SMRAM) mme a e tsamaise joalo ka khoutu e nang le litokelo tsa SMM. Ho latela lintlha tsa pele, bothata bo hlaha ho li-APU tse ling (AMD Fusion) bakeng sa lits'ebetso tsa bareki le tse kentsoeng tse hlahisitsoeng ho tloha 2016 ho isa 2019. AMD e se e fane ka boholo ba baetsi ba liboto tsa bo-mme ka ntlafatso ea firmware e lokisang bothata, 'me ntlafatso e reretsoe ho romelloa ho bahlahisi ba setseng mafelong a khoeli.
Source: opennet.ru