Bulletin ID: AMP-SB-0002
Potential Impact: An untrusted hypervisor can potentially allow a user to write to the SPI-NOR
Severity: CVSS score: 5.3 (Medium)
On Ampere Altra and Altra Max devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component.
Customers using SRP versions less than 1.09 on Altra, or less than 2.10 on Altra Max and deploying bare-metal servers for external or untrusted customers
An untrusted hypervisor can potentially allow a user to write to the SPI-NOR
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS score: 5.3 (Medium)
Prior to SRP 1.09 (Altra) and 2.10 (Altra & Altra Max) the implementation of the SMC protection included seed hashing authentication for all run-time SPI-NOR accesses. The Altra SPI-NOR interface exposed a SPI-NOR proxy interface with no knowledge of its contents and provided access to the UEFI persistent storage area. Because the interface was a direct SPI-NOR interface without knowledge of the UEFI variable, it could not distinguish between a UEFI run-time variable and a boot-time variable. In addition, in a bare metal deployment, the platform owner does not control the hypervisor code. Therefore, the hypervisor is untrusted and can potentially impact the system because it can gain access to the UEFI SMC authentication seed by scanning the UEFI data segment. Reported by Oracle and discovered by internal Oracle security researcher Hugo Magalhaes.
SRP 1.09 & SRP 2.10
Altra and Altra Max
Please update to SRP 1.09 or 2.10 to mitigate this issue