公司
解决方案
开发者
工作机会
CN
CN
EnglishChinese
Ampere Computing Logo
Ampere Computing Logo
解决方案
解决方案主页
平台系统
解决方案
性能总览
Reference Architecture Overview
Tuning Guides Overview
工作负载简介概览
如何购买
Ampere 系统
Ampere Altra
Azure
Equinix
甲骨文
腾讯云
谷歌云
Ampere AI 下载工作原理常见问题
开发者
开发者中心部署云应用使能开源社区把数据用起来构建云应用设计云应用
支持
Hero Image

Altra SPI-NOR SMC

  • Bulletin ID: AMP-SB-0002

  • Potential Impact: An untrusted hypervisor can potentially allow a user to write to the SPI-NOR

  • Severity: CVSS score: 5.3 (Medium)

Summary

On Ampere Altra and Altra Max devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component.

Who is Impacted

Customers using SRP versions less than 1.09 on Altra, or less than 2.10 on Altra Max and deploying bare-metal servers for external or untrusted customers

Potential Impact

An untrusted hypervisor can potentially allow a user to write to the SPI-NOR

Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS score​: 5.3 (Medium)

Problem Statement and Impact

Prior to SRP 1.09 (Altra) and 2.10 (Altra & Altra Max) the implementation of the SMC protection included seed hashing authentication for all run-time SPI-NOR accesses. The Altra SPI-NOR interface exposed a SPI-NOR proxy interface with no knowledge of its contents and provided access to the UEFI persistent storage area. Because the interface was a direct SPI-NOR interface without knowledge of the UEFI variable, it could not distinguish between a UEFI run-time variable and a boot-time variable. In addition, in a bare metal deployment, the platform owner does not control the hypervisor code. Therefore, the hypervisor is untrusted and can potentially impact the system because it can gain access to the UEFI SMC authentication seed by scanning the UEFI data segment

Fixed in

SRP 1.09 & SRP 2.10

Affected Products

Altra and Altra Max

Recommendations

Please update to SRP 1.09 or 2.10 to mitigate this issue

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32295

Created At : December 26th 2022, 6:06:48 am
Last Updated At : December 29th 2022, 8:58:12 am

Ampere Computing

4655 Great America Parkway

Suite 601 Santa Clara, CA 95054

Tel: +86-021-64338766

info[at]amperecomputing.com

关于我们
image
image
© 2022 Ampere Computing LLC. All rights reserved. Ampere, Altra and the A and Ampere logos are registered trademarks or trademarks of Ampere Computing.