Intel Processor Memory Sinkhole Vulnerability
Intel Processor Memory Sinkhole Vulnerability
Intel Processor Memory Sinkhole Vulnerability
Lenovo Security Advisory: LEN-3748
Summary: Memory Sinkhole Vulnerability
Description:
In August 2015 at the Black Hat security conference, researcher Chris Domas presented a vulnerability found in Intel x86 processors manufactured between 1997 and 2010 (prior to the Sandy Bridge generation). Through this vulnerability, attackers with administrator or root level access to the operating system could install software, such as a rootkit, using the chip’s most privileged and protected System Management Mode (SMM). This was due to an architectural flaw that Intel found and corrected in 2011. This issue has been referred to as the “Memory Sinkhole” vulnerability.
There is no impact to Lenovo products that use Intel Sandy Bridge, Ivy Bridge, Grantley, and later generation processors as these processors are not vulnerable to this issue.
Products that use Pentium Pro through Nehalem Intel processors on enterprise, desktop, mobile and Atom may be vulnerable to this issue.
Intel has provided a tool so users can verify the identification of their CPU:
Revision History:
Revision |
Date |
Description |
1.1 | 2015-11-19 | Updated description |
1.0 | 2015-09-10 | Initial release |
Your feedback helps to improve the overall experience