
Memory ‘Sinkhole’ Lets Attackers Take Control Of Intel Chips

Older Intel processors contain a security vulnerability that could allow attackers to gain control of system hardware and implant rootkits into the processor’s firmware, a security researcher has told the Black Hat conference in Las Vegas.

The bug is difficult to exploit and requires an attacker to first gain root or administrator-level access to a system, but once carried out it would deliver complete control of the machine, according to Christopher Domas, a security researcher with the Battelle Memorial Institute.

Attackers could, for instance, implant a rootkit into a chip’s firmware, so that even if the operating system were re-installed, the malicious code would still be in place, he said.

At the conference, he released proof-of-concept code taking advantage of “an architectural 0-day built into the silicon itself, directed against a uniquely vulnerable string of code running on every single system”.

The bug was introduced in 1995 with the Pentium Pro, and was fixed with chips built from January 2011 onward, beginning with Intel’s Sandy Bridge core, Domas said, estimating that there are still hundreds of millions of chips in use that contain the vulnerability.

He said Intel has released firmware updates to address the issue, but he told the conference that for some systems it is unpatchable. Systems can, however, be protected against the issue at the hypervisor level, security researchers said.

APIC bug

Domas’ attack makes use of an architectural weakness in the Advanced Programmable Interrupt Controller (APIC), a feature Intel introduced around 1993. Beginning with the Pentium Pro, Intel allowed kernel-level (ring 0) code to relocate the local APIC’s memory-mapped register window to a different area of physical memory, but did not prevent that window from being placed over the memory reserved for System Management Mode (SMM), the chip’s most privileged execution mode. With the APIC parked there, accesses that SMM code expects to reach its own memory land in the APIC’s registers instead. Domas called the vulnerability a “memory sinkhole”.

“This provides ring 0 code a small, indirect influence over SMM, and violates the fundamental architectural separation of the two execution modes,” Domas wrote in a paper released with the presentation. “The coarse granularity of the APIC position, combined with the inability to effectively control the APIC data, make the vulnerability extremely difficult, but not impossible, to apply in practice.”
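The relocation mechanism described above, and the overlap check that older parts lacked, modelled in C as an added example. This is not code from the article or from Domas’s proof of concept. The MSR number (IA32_APIC_BASE, 0x1B) and its bit layout follow Intel’s published documentation; the SMRAM range is a constructed example, since the real location is platform-defined, and modelling Intel’s fix as a refused write is an assumption of this model rather than something the article states.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not the article's or Domas's code. Models the IA32_APIC_BASE
 * relocation the article describes and the SMRAM-overlap check that parts before
 * Sandy Bridge did not perform. MSR layout per the Intel SDM; SMRAM range and the
 * "hardened part refuses the write" behaviour are assumptions for this model. */

#define IA32_APIC_BASE_MSR  0x1BU
#define APIC_BASE_ENABLE    (1ULL << 11)      /* xAPIC global enable bit */
#define APIC_PAGE_SIZE      0x1000ULL         /* register window is one 4 KiB page */
#define APIC_DEFAULT_BASE   0xFEE00000ULL     /* reset-time location of the window */
#define MAXPHYADDR_BITS     36                /* assumption: 36-bit physical addressing */
#define APIC_BASE_MASK      (((1ULL << MAXPHYADDR_BITS) - 1) & ~(APIC_PAGE_SIZE - 1))

typedef struct { uint64_t start, end; } phys_range;   /* half-open [start, end) */

/* Constructed SMRAM range for the demo (legacy A/B segment); real platforms differ. */
static const phys_range EXAMPLE_SMRAM = { 0xA0000ULL, 0xC0000ULL };

static bool ranges_overlap(phys_range a, phys_range b) {
    return a.start < b.end && b.start < a.end;
}

/* The 4 KiB window the APIC decodes once `msr` is latched (enable bit ignored here).
 * Page alignment is the "coarse granularity" Domas refers to: ring 0 picks a page,
 * not a byte offset. */
phys_range apic_window(uint64_t msr) {
    phys_range r = { msr & APIC_BASE_MASK, 0 };
    r.end = r.start + APIC_PAGE_SIZE;
    return r;
}

/* Check a hardened part would need: does an enabled APIC window touch SMRAM? */
bool apic_overlaps_smram(uint64_t msr, phys_range smram) {
    return (msr & APIC_BASE_ENABLE) && ranges_overlap(apic_window(msr), smram);
}

/* Model of WRMSR to IA32_APIC_BASE. Returns the value left in the MSR. `hardened`
 * models Sandy Bridge-and-later behaviour as refusing an overlapping relocation
 * (assumption); a legacy part latches whatever ring 0 asks for. */
uint64_t model_wrmsr_apic_base(uint64_t current, uint64_t requested,
                               phys_range smram, bool hardened) {
    if (hardened && apic_overlaps_smram(requested, smram))
        return current;                  /* relocation refused, APIC stays put */
    return requested;                    /* legacy part: latched unconditionally */
}

enum decode_target { DECODE_DRAM, DECODE_APIC_MMIO };

/* Which agent answers a physical access at `addr` for the latched `msr`. With the
 * window parked over SMRAM, SMM code touching that page reaches APIC registers
 * rather than its own code or data: the sinkhole. */
enum decode_target decode_phys_read(uint64_t addr, uint64_t msr) {
    phys_range w = apic_window(msr);
    if ((msr & APIC_BASE_ENABLE) && addr >= w.start && addr < w.end)
        return DECODE_APIC_MMIO;
    return DECODE_DRAM;
}

int main(void) {
    uint64_t cur = APIC_DEFAULT_BASE | APIC_BASE_ENABLE;
    uint64_t req = EXAMPLE_SMRAM.start | APIC_BASE_ENABLE;  /* ring 0 aims APIC at SMRAM */
    uint64_t probe = EXAMPLE_SMRAM.start + 0x20;            /* an address inside SMRAM */

    uint64_t legacy = model_wrmsr_apic_base(cur, req, EXAMPLE_SMRAM, false);
    uint64_t fixed  = model_wrmsr_apic_base(cur, req, EXAMPLE_SMRAM, true);

    printf("legacy part latched 0x%" PRIx64 "; SMM read of 0x%" PRIx64 " hits %s\n",
           legacy, probe,
           decode_phys_read(probe, legacy) == DECODE_APIC_MMIO ? "APIC MMIO" : "DRAM");
    printf("hardened part kept 0x%" PRIx64 "; SMM read of 0x%" PRIx64 " hits %s\n",
           fixed, probe,
           decode_phys_read(probe, fixed) == DECODE_APIC_MMIO ? "APIC MMIO" : "DRAM");
    return 0;
}
```

The model only captures the addressing side of the attack: placing the window is a single privileged write, which is why root or administrator access is the entry requirement, while turning a redirected SMM access into code execution depends on what SMM expects to find at that page and on the limited control ring 0 has over APIC register contents, the part Domas describes as the hard step.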

Domas said he was able to design proof-of-concept code that makes use of this weakness to hijack System Management Mode, so that malicious code runs with SMM privileges. The attack was validated with “select” processor models, he said.

“The specific effects of the secondary payload are left to the reader’s imagination, but commonly include deeply persistent rootkits, hardware modifications, and system destruction,” Domas wrote.


Matthew Broersma

Matt Broersma is a long-standing technology freelancer who has worked for Ziff-Davis, ZDNet and other leading publications.
