Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Bug Security Hardware

After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip ( 76

An anonymous reader writes: AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. This component, formerly known as AMD PSP (Platform Security Processor), is a chip-on-chip security system, similar to Intel's much-hated Management Engine (ME). Just like Intel ME, the AMD Secure Processor is an integrated coprocessor that sits next to the real AMD64 x86 CPU cores and runs a separate operating system tasked with handling various security-related operations.

The security bug is a buffer overflow that allows code execution inside the AMD SPS TPM, the component that stores critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores. Intel fixed a similar flaw last year in the Intel ME.

This discussion has been archived. No new comments can be posted.

After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip

Comments Filter:
  • Quote from a complaining comment about the Bleeping Computer story: "Garbage FUD probably hired by Intel, and it wouldn't be surprising. In order to exploit AMD's TPM (which is an easy BIOS fix) the hacker needs physical access to the motherboard... at that point the hacker may as well have armed forces hijack the data center."
    • Re: (Score:2, Flamebait)

      Because buffer overflows are only usable with physical access? AMD fanboys are the best.

      • There wouldn't BE buffer overflows if companies would use my simple idea: only sell computers with infinite RAM and infinite memory address registers.

      • Yes, installing an EK cert requires pre-boot access.

        You don't know what a buffer overflow, TPM, or attestation certificate are, do you?

        • "The researcher claims that an attacker could use specially-crafted EK certificates to get remote code execution rights on the AMD Secure Processor, allowing him to compromise its security."

          Is the TPM protected from writing? If not, I assume the certificate can be modified/replaced via software. I know that motherboards I've owned over the years typically don't write-protect the BIOS by default. Not sure if that includes TPM. Dell certainly makes TPM firmware updates easy via Windows software.

          Either way

          • > Is the TPM protected from writing? If not, I assume the certificate can be modified/replaced via software.

            No, you cannot write directly to TPM nvram from the OS. The spec says the endorsement key is supposed to be permanently burned in at the factory, but some manufacturers instead support CreateEndorsementKeyPair, which asks the TPM to create a key for itself, if it doesn't already have one. If it already has a key, as it should, CreateEndorsementKeyPair does nothing but return an error code.

            To put yo

            • AMD still feels the need to patch this.

              • Or are least they figured they may as well patch it. Easy patch.

                What bothers me the more than the overflow in parsing a malicious EK cert is that they CAN patch it, that a BIOS / UEFI update touches this code. Presumably if a BIOS update can fix it, a malicious bios update can *create* at least a similar problem, and probably a significantly worse variation. Of course we already knew a malicious BIOS would be bad, but I wouldn't expect it to touch that code.

                • Wait, what? Of course the PSP is updatable, even in this way. To do otherwise would be terrible security. Once a flaw is found, there'd be no fixing it at all. Hence Intel has had updatable microcode since the P6. It beats a recall.

      • by serviscope_minor ( 664417 ) on Sunday January 07, 2018 @06:06PM (#55881867) Journal

        Because buffer overflows are only usable with physical access?

        doesn't that depend on what the buffer overflow exploit is in?

        I have not RTFA because this is slashdot, but buffer overflows are not de-facto remote exploits. If the buffer is accessible via the network, you're in the crap. If it's only available locally then it's only a local exploit.

        Of course local priviledge elevation is bad because that's only one remote unpriviliged exploitation away from being a remote root access. No idea what this one is.

        Either way though, that obnoxious bastard Stallman was fucking right again[*].

        Can't see the source, can't fix it, can't trust it.

        [*]Part of his obnoxiousness is consistently being right about paranoid, inconvenient things.

    • by guruevi ( 827432 )

      Both Intel ME and AMD's SPS require access to the system to enable in the first place, so yes, you need at the very least an account on the computer. It doesn't require physical access (as in, you don't need to attach wires to the bus or push buttons).

      Given that AMD's SPS flaw sits in a certificate validation routine, it may actually be possible to trick the computer into the exploit by using some DRM shenanigans (eg. an evil Netflix site) whereas from what I could compile from a cursory look on the Intel l

    • by BlueCoder ( 223005 ) on Sunday January 07, 2018 @05:51PM (#55881793)

      No it isn't the same. Until you show me that it can be used through a network attack. While it is a security bug it's relevant to a TPM boot chain.

      Who is using TPM? I've considered getting one at home just to play around with it.
      To me TPM has been in perpetual development because of bugs. And honestly until there are BIOS setting which enable ME to manage all of it's keys then I will never trust it.

      • Tons of people use TPM.

      • by AmiMoJo ( 196126 )

        TPM is very useful for storing secrets like encryption keys. For example, you can use it to store the encryption keys for your hard drive, in order to support waking from sleep modes, without needing the key to be in RAM where it is vulnerable.

        You can also use TPM to secure your OS against rootkit attacks. The TPM can verify the boot code is unmodified, independent of the CPU and any other code that could be compromised.

        Hardware TPMs have proven reliable. AMD uses a software TPM, which has this issue.

      • Who is using TPM?

        Lots of people. TPM has found its niche in corporate computers, as well as laptops and modern devices with advanced security features. It is also a required component for Windows 10 certification for system builders. Of the 5 computers in my house (excluding embedded ones) the only one which doesn't have a TPM chip is my server.

        Not only will many modern devices ship with TPM hardware installed but many will default to using it for things like Bitlocker and other encryption keys.

    • Change log:
      2018/01/01 - Added 14 Useful Links, Intel CPU CVE links (CVE-2017-5689 CVSS Score 10.0), how to disable Intel ME 11 via undocumented NSA "High Assurance Platform" mode.

      Intel CPU Backdoor Report
      The goal of this report is to make the existence of Intel CPU backdoors a common knowledge and provide information on backdoor removal.

      What we know about Intel CPU backdoors so far:

      TL;DR version

      Your Intel CPU and Chipset is running a backdoor as we speak.

      The backdoor hardware is inside the CPU/Bridge and the backdoor firmware (Intel Management Engine) is in the chipset flash memory.

      30C3 Intel ME live hack:
      [Video] 30C3: Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware []
      @21:43, keystrokes leaked from Intel ME above the OS, wireshark failed to detect packets.

      [Quotes] Vortrag []:
      "the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker".

      "We can permanently monitor the keyboard buffer on both operating system targets."

      Backdoor removal:
      The backdoor firmware can be removed by following this guide [] using the me_cleaner [] script.
      Removal requires a Raspberry Pi (with GPIO pins) and a SOIC clip.

      2017 Dec Update:
      Intel ME on recent CPUs may be disabled by enabling the undocumented NSA HAP bit [].

      Decoding Intel backdoors:
      The situation is out of control and the Libreboot/Coreboot community is looking for BIOS/Firmware experts to help with the Intel ME decoding effort.

      If you are skilled in these areas, download Intel ME firmwares from this collection [] and have a go at them, beware Intel is using a lot of counter measures to prevent their backdoors from being decoded (explained below).

      Useful links (Added 2018 Jan 1):
      Disabling Intel ME 11 via undocumented mode (NSA High Assurance Platform mode) []
      Blackhat 2017: How To Hack A Turned Off Computer Or Running Unsigned Code In Intel Management Engine []
      EEF: Intel's Management Engine is a security hazard, and users need a way to disable it []
      Sakaki's EFI Install Guide/Disabling the Intel Management Engine []
      Intel ME bug storm: Hardware vendors race to identify and provide updates for dangerous Intel flaws. []
      CVE-2017-5689 []: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs
      CVE-2017-5705 []: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware
      CVE-2017-5706 []: Multiple buffer overflows in kernel in Intel Server Platform Services Firmware
      CVE-2017-5707 []: Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware
      CVE-2017-5708 []: Multiple privilege escalations in kernel in Intel Manageability Engine Firmware
      CVE-2017-5709 []: Multiple privilege escalations in kernel in Intel Server Platform Services Firmware
      CVE-2017-5710 []: Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware
      CVE-2017-5711 []: Multiple buffer overflows in Active Management Technology (AMT)
      CVE-2017-5712 []: Buffer overflow in Active Management Technology (AMT)

      Useful links (Added 2017):
      The Intel ME subsystem can take over your machine, can't be audited []
      REcon 2014 - Intel Management Engine Secrets []
      Untrusting the CPU (33c3) []
      Towards (reasonably) trustworthy x86 laptops []
      30C3 To Protect And Infect - The militarization of the Internet []
      30c3: To Protect And Infect Part 2 - Mass Surveillance Tools & Software []

      1. Introduction, what is Intel ME

      Short version, from Intel staff:

      Re: What Intel CPUs lack Intel ME secondary processor? []
      Amy_Intel Feb 8, 2016 9:27 AM

      The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.

      Long version:

      ME: Management Engine []

      The Intel Management Engine (ME) is a separate computing environment physically located in the MCH chip or PCH chip replacing ICH.

      The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).

      The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC. It is a threat to freedom, security, and privacy that can't be ignored.

      ME firmware versions 6.0 and later, which are found on all systems with an Intel Core i3/i5/i7 CPU and a PCH, include "ME Ignition" firmware that performs some hardware initialization and power management. If the ME's boot ROM does not find in the SPI flash memory an ME firmware manifest with a valid Intel signature, the whole PC will shut down after 30 minutes.

      Quotes on Intel backdoors:

      A message from RMS []
      by Richard Stallman on Dec 29, 2016 09:45 AM

      The current generation of Intel and AMD processor chips are designed with vicious back doors that users cannot shut off. (In Intel processors, it's the "management engine".)

      No users should trust those processors.

      2. The backdoor is next to impossible to decode and reverse engineer:

      Due to m

  • hmmm.... (Score:2, Interesting)

    by Tsolias ( 2813011 )

    the real AMD64 x86 CPU cores"

    softpedia yesterday was telling us about AMD Radeon Processors
    now we get real AMD64 x86 CPU cores
    you know that intel doesn't have money to buy at least an educated shill, when they shop from junior CS classes... and I even doubt that, I believe that they just hire SJWs for everything nowadays.

    0.02 shekels have been deposited to your account

  • by HalAtWork ( 926717 ) on Sunday January 07, 2018 @05:12PM (#55881665) least when mainboard makers support the option in UEFI. []

    • by Anonymous Coward

      Unfortunately, none of my Ryzen motherboards have seen vendor BIOS updates since September, so not yet able to confirm this feature on any of my motherboards.

      So basically next to no one can do this.

    • AGESA is proprietary again since 2014. Even if AGESA was open source, or AMD released the BKDG and someone paid the $$$ for a coreboot port, the simple fact is the signed PSP is still needed for the platform to boot. Therefore, libreboot can never happen, and you don't really have full control over the machine. And that's assuming this isn't just an option to limit the UEFI firmware from talking to the PSP during boot. Best case is that the PSP still runs during boot but is somehow shut off after the BIOS l
  • by Hall ( 962 )

    Researchers = Intel engineers ;-)

  • by Anonymous Coward

    the fact that over, and over, and over, systems prove to have obscure vulnerabilities that allow an attacker to spy on everything the user is doing.... seems like it might be deliberate. i.e. the government gave up on the clipper chip, and cracking down on encryption.... why?

    The era of "oh the government doesnt care" or "it would never spy" is gone. they do spy. they feel like its their job, their purpose in life, the necessity of a stable government, they believe they have a god given right to all of your

  • Anything that disables IME or PSP is a net positive for the world.

  • The intel team must have worked long and hard to find some fud for that one.

    SPECTRE can be exploited through javascript!

  • "An anonymous reader writes" ... to tell us about an unrelated security bug in an AMD product. Funny how anonymous people seem to post so many stories of concern ....
  • Sadly AMD has completely failed to counter the Intel PR that Meltdown/Spectre affects all CPUs when in reality Intel is massively more impacted. The press it parroting Intel PR unchallenged.

    AMD doesn't have an easy way to remove their inbuilt PSP when Intel has made lots of people worry about their ME. An obvious thing for AMD to offer.

    And why oh why don't AMD support ECC memory on their desktop chips. I know why Intel don't as they want to sell Xeons but AMD has no real server market share. The silicon to

  • While it is worrying there are these security issues, I am not sure how worried we should be? We didnâ(TM)t have these security features in the past and this shouldnâ(TM)t be the only line of defense. It is good to have these security elements in place, but I wonder if too much focus is being put on a single security point?

After any salary raise, you will have less money at the end of the month than you did before.