An attacker with local privileged access can exploit this vulnerability to elevate privileges from ring 3 or ring 0 (depends on the operating system) to a DXE driver and execute arbitrary code. Malicious code installed as a result of this exploitation could survive operating system (OS) boot process and runtime, or modify NVRAM area on the SPI flash storage (to gain persistence). Additionally, threat actors could use this vulnerability to bypass OS security mechanisms (modify privileged memory or runtime variables), influence OS boot process, and in some cases allow an attacker to hook or modify EFI Runtime services.
Binarly REsearch Team has discovered a stack overflow vulnerability that allows a local root user to access a UEFI DXE driver and execute arbitrary code.
An attacker with local privileged access can exploit this vulnerability to elevate privileges from ring 3 or ring 0 (depends on the operating system) to a DXE driver and execute arbitrary code. Malicious code installed as a result of this exploitation could survive operating system (OS) boot process and runtime, or modify NVRAM area on the SPI flash storage (to gain persistence). Additionally, threat actors could use this vulnerability to bypass OS security mechanisms (modify privileged memory or runtime variables), influence OS boot process, and in some cases allow an attacker to hook or modify EFI Runtime services.
The vulnerability exists in the function located at offset 0x109A0.The pseudocode for this function is shown below:
_BYTE *__fastcall HandleTpm12VersionInfoAndPCRBitmap(void *a1)
{
...
char Value[20];
EFI_GUID VendorGuid;
UINTN DataSize;
UINT32 SetupAttributes;
UINTN DataSize;
char Buffer[128];
char SetupValue[4787];
UINT32 Attributes;
DataSize = 20;
Attributes = 0;
SetupDataSize = 0x12B3;
VendorGuid.Data1 = 0xEC87D643;
*&VendorGuid.Data2 = 0x4BB5EBA4;
*VendorGuid.Data4 = 0x3E3FE5A1;
*&VendorGuid.Data4[4] = 0xA90DB236;
Res = gRT->GetVariable(L"Setup", &VendorGuid, &SetupAttributes, &SetupDataSize, SetupValue);
if ( Res >= 0 )
{
if ( gEfiHiiStringProtocol
|| (Res = gBS->LocateProtocol(&EFI_HII_STRING_PROTOCOL_GUID, 0, &gEfiHiiStringProtocol), Res >= 0) )
{
Res = sub_1073C(a1);
if ( Res )
{
if ( !SetupValue[21] && !SetupValue[17] )
{
...
if (gRT->GetVariable(L"Tpm12VersionInfo", &PEI_TCG_INTERNAL_FLAGS_GUID, &Attributes, &DataSize, Value) == EFI_SUCCESS)
{
...
}
}
Res = gRT->GetVariable(L"PCRBitmap", &PEI_TCG_INTERNAL_FLAGS_GUID, &Attributes, &DataSize, Value);
if ( Res >= 0 )
{
...
}
}
}
}
return Res;
}Consider the following code snippet:
DataSize = 20;
...
...
...
...
{
...
if (gRT->GetVariable(L"Tpm12VersionInfo", &PEI_TCG_INTERNAL_FLAGS_GUID, &Attributes, &DataSize, Value) == EFI_SUCCESS)
{
...
}
}
Res = gRT->GetVariable(L"PCRBitmap", &PEI_TCG_INTERNAL_FLAGS_GUID, &Attributes, &DataSize, Value);
...An attacker can change the values of the Tpm12VersionInfo and PCRBitmap variables.If the size of the value of the Tpm12VersionInfo variable is greater than 20, then after the first call to the GetVariable service, the DataSize variable will be overwritten (this means that the attacker is in control of the DataSize variable).The second call to GetVariable (for the PCRBitmap variable) can lead to a stack overflow and arbitrary code execution.
This vulnerability is subject to a 90 day disclosure deadline. After 90 days elapsed or a patch has been made broadly available (whichever is earlier), the vulnerability report will become visible to the public.
Binarly REsearch Team
