The reclaim function in the Tianocore open source implementation of UEFI contains a buffer overflow vulnerability.
The open source Tianocore project provides a reference implementation of the Unified Extensible Firmware Interface (UEFI). Some commercial UEFI implementations incorporate portions of the Tianocore source code.
According to Rafal Wojtczuk of Bromium and Corey Kallenberg of The MITRE Corporation, a buffer overflow vulnerability exists in the Reclaim function. Corey Kallenberg describes the vulnerability as follows:
The consequences and exploitability of this bug will vary based on the particular firmware implementation. A local attacker may be able to perform an arbitrary reflash of the platform firmware and escalate privileges or perform a denial of service attack by rendering the system inoperable.
The vulnerable code is patched in EDK2 SVN revision 16280. This issue is still present in EDK1 which is no longer supported. Vendor-specific UEFI fimware derived from Tianocore may be affected.
Insyde Software Corporation Affected
American Megatrends Incorporated (AMI) Not Affected
Apple Inc. Not Affected
Dell Computer Corporation, Inc. Not Affected
IBM Corporation Not Affected
Intel Corporation Not Affected
Lenovo Not Affected
Phoenix Technologies Ltd. Not Affected
AsusTek Computer Inc. Unknown
Hewlett-Packard Company Unknown
Sony Corporation Unknown
Thanks to Rafal Wojtczuk of Bromium and Corey Kallenberg of The MITRE Corporation for reporting this vulnerability.
|Date First Published:||2015-01-05|
|Date Last Updated:||2015-02-03 15:12 UTC|