The issue has been assigned the identifier CVE-2018-3639. Intel has assigned the issue the CVSS v3 base score of 9.8. Intel has issued the following statement regarding this issue.

“Intel believes these issues are limited to operating systems where DMA flushing is enabled. The attack requires that the targeted DMA buffer be enabled for DMA flushing. DMA flushing is enabled by default in most operating systems. As a result, the attack could potentially occur on a larger scale than currently observed in the wild. Intel is committed to the goal of protecting our customers and partners, and we will continue to work with operating system vendors to help protect the enterprise and cloud computing ecosystem.”

Intel’s iSTARE group will release a software patch in the coming weeks to protect all systems running Linux, as well as a firmware update to protect all Skylake and newer processors running Windows.

Affected operating systems include: Red Hat Enterprise Linux 7.3, 8.0, 8.1 and 9.0, SUSE Linux Enterprise Server 2019, SUSE Linux Enterprise Desktop 11 SP3, Ubuntu 18.04.1 LTS, and Windows Server 2019, Windows 10 version 1803, 1809, and Windows 7.

The issue was discovered by Insyde Engineering. An updated version of the AhciDxe DMA security advisory and FAQ can be found here: https://www.insyde.com/security-pledge/SA

What is the AhciDxe DMA security issue?

The vulnerability is a side-channel attack that affects all systems running Linux. An attacker may be able to read the contents of the data cache and the local memory of an affected system by measuring power consumption fluctuations. The vulnerability was discovered by Insyde Engineering and released to Intel on September 12th, 2018. This means that all systems running Linux are vulnerable to this issue, including cloud servers as well as desktop computers.
An updated version of the AhciDxe DMA security advisory and FAQ can be found here: https://www.insyde.com/security-pledge/SA-180906-0001

What is DMA?

DMA, which stands for Direct Memory Access, is a computer bus used to transfer data between memory and peripherals such as the hard disk, network interface card (NIC), or graphics adapter. DMA is usually faster than transferring data between CPUs and memory by other means known as system calls. In systems with DMA enabled, the CPU does not need to wait for system call blocks in order to transfer data from memory, instead performing DMA transfers immediately.

Timeline

Published on: 11/15/2022 00:15:00 UTC
Last modified on: 11/18/2022 15:49:00 UTC
