In October of 2022, the source code of the BIOS for Intel's Alder Lake platform was leaked. While poking around the code, the author found a pretty devastating vulnerability.
System Management Mode (SMM) is a highly privileged part of the execution process. Naturally, only predefined code should run here and nothing else. As a result, entry into this region goes through defined call locations called System Management Interrupt (SMI) handlers.
For data being passed in, rigorous input validation needs to be performed to ensure memory corruption doesn't happen. In particular, the handler needs to make sure the address provided for either a read or a write is in a valid region of memory (not the SMRAM). It is common for the SMI handler to copy memory from a user-controlled location into the SMM locations for further processing. There are standard functions for both of these operations.
The SMI handler SPI_FUNCTION_FLASH_READ falls into a bad trap: fetching data more than once. First, the function reads the data into a local copy. Next, it validates the user-controlled version, which sits in a separate section of memory. If the validation passes, it continues using the local copy. Since the user is able to modify their own version, the local copy can hold malicious data while the user-controlled one is then changed to be valid. This double fetch problem results in a Time of Check vs. Time of Use (TOCTOU) vulnerability.
All of the SPI function handlers, including reads and writes, are vulnerable to this exact problem. The location of the write for the buffer can be put into SMRAM, causing terrible memory corruption that leads to code execution in the SMM. Validation should be done on the same data being used. Otherwise, it's pointless.
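The ordering flaw described above, modeled in plain C as an added example (not the leaked firmware code). The SMRAM range, the request layout and all function names are assumptions, and the hook stands in for the caller's buffer changing between the two reads.

```c
#include <stdint.h>

/* Constructed model: SMRAM occupies [SMRAM_BASE, SMRAM_BASE + SMRAM_SIZE). */
#define SMRAM_BASE 0x7F000000u
#define SMRAM_SIZE 0x00800000u

/* Hypothetical request layout living in memory the caller can rewrite. */
typedef struct { uint32_t dest; uint32_t len; } spi_req_t;
/* Stands in for whatever changes the caller's buffer between two reads. */
typedef void (*race_hook_t)(volatile spi_req_t *shared);

/* 1 if [addr, addr+len) stays below 4 GiB and does not overlap SMRAM. */
int outside_smram(uint32_t addr, uint32_t len) {
    uint64_t end = (uint64_t)addr + len;
    if (end > 0x100000000ull) return 0;
    return end <= SMRAM_BASE || addr >= (uint64_t)SMRAM_BASE + SMRAM_SIZE;
}

/* Flawed order: copy first, then validate the caller's buffer.
   Returns the address the handler would write to, or 0 if rejected. */
uint32_t handler_double_fetch(volatile spi_req_t *shared, race_hook_t hook) {
    spi_req_t local = { shared->dest, shared->len }; /* fetch 1: gets used */
    if (hook) hook(shared);
    if (!outside_smram(shared->dest, shared->len))   /* fetch 2: gets checked */
        return 0;
    return local.dest;                               /* never validated */
}

/* Fixed order: snapshot once, validate the snapshot, use only the snapshot. */
uint32_t handler_single_fetch(volatile spi_req_t *shared, race_hook_t hook) {
    spi_req_t local = { shared->dest, shared->len };
    if (hook) hook(shared);
    if (!outside_smram(local.dest, local.len))
        return 0;
    return local.dest;
}

/* Constructed stand-in for the caller making its buffer look valid. */
void swap_to_benign(volatile spi_req_t *shared) { shared->dest = 0x00100000u; }

int main(void) {
    spi_req_t a = { SMRAM_BASE + 0x1000u, 0x100u }, b = a;
    /* Exit 0 when the flawed handler accepts the SMRAM address and the fixed one rejects it. */
    return !(handler_double_fetch(&a, swap_to_benign) != 0 &&
             handler_single_fetch(&b, swap_to_benign) == 0);
}
```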
Attacking this is very complicated. It would require a SPI flash chip that can be read from and written to quickly, with triggers on these actions to modify the data. In all likelihood, an attacker would use an FPGA to do this, and it would require long-term physical access to exploit. Overall, a pretty neat bug in an obscure part of the Intel tech stack.