CVE-2022-39854 IOMMU before SMR Oct-2022 Release 1 allows unauthorized access to secure memory.

It is recommended that IOMMU be enabled for all systems that have a system memory controller with support for secure memory prior to the Oct-2022 date. CVE-2018-3639 has been assigned to this issue. IOMMU allows for the virtualization of network and/or device interfaces. The main advantage of enabling IOMMU is the ability to run multiple virtual machines on a single physical system by mapping multiple virtual devices to a single physical network interface. However, IOMMU also provides another important function: it can be used to secure certain portions of the host system memory. There are two main ways to secure system memory: (1) allocate it at a low address, and (2) make sure that only authorized processes have access to it. The first option is not possible if the system memory is not addressable, but the second option can be implemented through the use of an IOMMU. If the host system has an IOMMU enabled, then only processes that have been assigned virtual addresses through the IOMMU can access system memory. This significantly restricts unauthorized access to system memory.

Mitigation by Synology

To mitigate these issues, Synology has developed a patch that forces the IOMMU of all systems to be in "secure mode" on a limited number of date ranges.
The following date ranges are supported:
- Oct 20, 2022 and later
- Mar 2, 2021 and later
- Jan 30, 2020 and later
- Sept 13, 2019 and later
- Aug 14, 2018 and later
- Dec 12, 2017 and later
- Nov 7, 2016 and later
Customers can use this patch to ensure that their systems have an IOMMU enabled before the dates specified. This ensures that unauthorized processes cannot access system memory. The patch is also available for download.

References:

1. https://support.microsoft.com/en-us/help/4074768/how-to-enable-iommu-for-a-computer
2. https://www.microsoft.com/en-us/download/details.aspx?id=53333

References

1. https://github.com/systemd/systemd/issues/1436
2. https://www.computerworld.com/article/3243321/data-center-storage/intel-says-physical-memory-protection-features-are-not-required-until-2020.html
3. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891750
4. http://www.phoronix.com/scan.php?page=news_item&px=MTE5OTc

Overview of IOMMU and the CVE-2018-3639 Vulnerability

IOMMU is a feature in modern x86 systems that allows for the virtualization of network and/or device interfaces. The main advantage of enabling IOMMU is the ability to run multiple virtual machines on a single physical system by mapping multiple virtual devices to a single physical network interface. However, IOMMU also provides another important function: it can be used to secure certain portions of the host system memory. There are two main ways to secure system memory: (1) allocate it at a low address, and (2) make sure that only authorized processes have access to it.
If the host system has an IOMMU enabled, then only processes that have been assigned virtual addresses through the IOMMU can access system memory. This significantly restricts unauthorized access to system memory.
The vulnerability disclosed in CVE-2018-3639 affects all systems with AMD processors because AMD processors contain an issue with how Hypertransport interacts with Spectre mitigation techniques, which causes data corruption when executing hypervisor guest operating systems. This vulnerability requires privilege level 3 or above to exploit.

Timeline

Published on: 10/07/2022 15:15:00 UTC
Last modified on: 10/08/2022 13:04:00 UTC

References

• https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39854