BRLY-2022-041

The stack memory contents leak / information disclosure vulnerability in DXE driver.

Public Disclosure Date: Nov 16, 2023

CVE ID

CVE-2023-22330

Vendors Affected

Intel

Products Affected

Intel NUC M15 / BCTGL357 v0077 (Latest)

Summary

BINARLY efiXplorer team has discovered a stack memory contents leak / information disclosure vulnerability that allows a potential attacker to write stack memory to NVRAM variable.

Potential Impact

An attacker with local privileged access can exploit this vulnerability to read the contents of the stack and use this information to exploit other vulnerabilities in DXE. A malicious code installed as a result of the vulnerability exploitation in a DXE driver could survive across an operating system (OS) boot process and runtime or modify NVRAM area on SPI flash storage (to gain persistence on target platform). Additionally, this vulnerability potentially could be used by threat actors to bypass OS security mechanisms (modify privileged memory or runtime variables), influence on the OS boot process, and in some cases would allow an attacker to hook or modify EFI Runtime services.

Vulnerability Information

BINARLY internal vulnerability identifier: BRLY-2022-041
Intel PSIRT assigned CVE identifier: CVE-2023-22330
Intel advisory: INTEL-SA-00917
CVSS v3.1: 6.0 Medium AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

01Affected Intel firmware confirmed to be impacted by Binarly team

02Vulnerability description

03Disclosure timeline

04Acknowledgements

Affected Intel firmware confirmed to be impacted by Binarly team

Device/Firmware	File Name	SHA256 (File PE32 section)	File GUID
Intel NUC M15 / BCTGL357 v0077 (Latest)	AmiTcgPlatformDxe	c290b100e7e5746a448cba16b79a7439acb666031abe80f68651afaa6f635700	A29A63E3-E4E7-495F-8A6A-07738300CBB3

Vulnerability description

The vulnerability exists in the function located at offset 0x2450. This function is part of AMI_TCG_PLATFORM_PROTOCOL protocol interface (Potential function name: ProcessTcgSetup).

The pseudocode for the vulnerable function is shown below:

__int64 ProcessTcgSetup()
{
  //
  // local variables initialization
  //

  Attributes = 3;
  v28 = 0;
  DataSize = 1;
  Data = 0;
  if ( (gBS->LocateProtocol(&SETUP_GUID, 0, &Interface) & 0x8000000000000000) == 0 )
    return (*Interface)();
  result = gBS->LocateProtocol(&EFI_TPM_MP_DRIVER_PROTOCOL_GUID, 0, &v32);
  if ( result >= 0 )
  {
    result = gBS->LocateProtocol(&EFI_TCG_PROTOCOL_GUID, 0, &EfiTcgProtocol);
    if ( result >= 0 )
    {
      result = gBS->LocateProtocol(&TCG_PLATFORM_SETUP_POLICY_GUID, 0, &TcgPlatformSetupPolicy);
      if ( result >= 0 )
      {
        ...
        if ( (gRT->GetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, &Attributes, &DataSize, &Data) & 0x8000000000000000) == 0 )
        {
          LOBYTE(v7) = v13;
          if ( Data == v13 )
          {
            if ( v13 != (((v30 | v31) & 1) == 0) )
              v19 = 1;
          }
          else
          {
            Data = v13;
            sub_4D60(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data);
          }
        }
        else
        {
          Data = v13;
          gRT->SetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data);
        }
        if ( v19 )
        {
          v13 = ((v30 | v31) & 1) == 0;
          Data = v13;
          v14 = 0;
          v19 = 0;
          sub_4D60(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data);
        }
        ...
      }
    }
  }
  return result;
}

Consider the following code snippet:

DataSize = 1;
if ( gRT->GetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, &Attributes, &DataSize, &Data) == EFI_SUCCESS )
{
  ...
}
else
{
  Data = v13;
  gRT->SetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data);
}

As we can see from the pseudocode, for the TpmOldvar variable gRT->SetVariable() service is called with the DataSize value, which can be overwritten inside the gRT->GetVariable() service.

Thus, a potential attacker can write X - 1 bytes from the stack to NVRAM if writes any buffer of length X > 1 to the TpmOldvar NVRAM variable before next system boot.

In order to fix this vulnerability, the DataSize variable must be initialized before gRT->SetVariable().

Disclosure timeline

This vulnerability is subject to a 90 day disclosure deadline. After 90 days elapsed or a patch has been made broadly available (whichever is earlier), the vulnerability report will become visible to the public.

Disclosure Activity	Date (YYYY-MM-dd)
Intel PSIRT is notified	2022-12-19
Intel PSIRT assigned CVE number	2023-02-28
Intel PSIRT provide patch release	2023-08-08
BINARLY public disclosure date	2023-11-16

Acknowledgements

BINARLY efiXplorer team

See if you are impacted now with our Firmware Vulnerability Scanner

Find Vulnerabilities, Generate SBOMs & CBOMs

Scan Now

Potential Impact

Device/Firmware

File Name

SHA256 (File PE32 section)

File GUID

Intel NUC M15 / BCTGL357 v0077 (Latest)

AmiTcgPlatformDxe

c290b100e7e5746a448cba16b79a7439acb666031abe80f68651afaa6f635700

A29A63E3-E4E7-495F-8A6A-07738300CBB3

__int64 ProcessTcgSetup() { // // local variables initialization // Attributes = 3; v28 = 0; DataSize = 1; Data = 0; if ( (gBS->LocateProtocol(&SETUP_GUID, 0, &Interface) & 0x8000000000000000) == 0 ) return (*Interface)(); result = gBS->LocateProtocol(&EFI_TPM_MP_DRIVER_PROTOCOL_GUID, 0, &v32); if ( result >= 0 ) { result = gBS->LocateProtocol(&EFI_TCG_PROTOCOL_GUID, 0, &EfiTcgProtocol); if ( result >= 0 ) { result = gBS->LocateProtocol(&TCG_PLATFORM_SETUP_POLICY_GUID, 0, &TcgPlatformSetupPolicy); if ( result >= 0 ) { ... if ( (gRT->GetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, &Attributes, &DataSize, &Data) & 0x8000000000000000) == 0 ) { LOBYTE(v7) = v13; if ( Data == v13 ) { if ( v13 != (((v30 | v31) & 1) == 0) ) v19 = 1; } else { Data = v13; sub_4D60(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data); } } else { Data = v13; gRT->SetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data); } if ( v19 ) { v13 = ((v30 | v31) & 1) == 0; Data = v13; v14 = 0; v19 = 0; sub_4D60(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data); } ... } } } return result; }

DataSize = 1; if ( gRT->GetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, &Attributes, &DataSize, &Data) == EFI_SUCCESS ) { ... } else { Data = v13; gRT->SetVariable(L"TpmOldvar", &TC_EFI_GLOBAL_VARIABLE_GUID, Attributes, DataSize, &Data); }

Disclosure Activity

Date (YYYY-MM-dd)

Intel PSIRT is notified

2022-12-19

Intel PSIRT assigned CVE number

2023-02-28

Intel PSIRT provide patch release

2023-08-08

BINARLY public disclosure date

2023-11-16

Potential Impact

Image preview

Vulnerability Information

Image preview

Affected Intel firmware confirmed to be impacted by Binarly team

Image preview

Vulnerability description

Image preview

Disclosure timeline

Image preview

Acknowledgements

Image preview

See if you are impacted now with our Firmware Vulnerability Scanner

Potential Impact

Image preview

Vulnerability Information

Image preview

Affected Intel firmware confirmed to be impacted by Binarly team

Image preview

Vulnerability description

Image preview

Disclosure timeline

Image preview

Acknowledgements

Image preview

See if you are impacted now with our Firmware Vulnerability Scanner