Intel Processor Memory Sinkhole Vulnerability

Intel Processor Memory Sinkhole Vulnerability

Intel Processor Memory Sinkhole Vulnerability

Lenovo Security Advisory: LEN-3748
Summary: Memory Sinkhole Vulnerability

Description:

In August 2015 at the Black Hat security conference, researcher Chris Domas presented a vulnerability found in Intel x86 processors manufactured between 1997 and 2010 (prior to the Sandy Bridge generation). Through this vulnerability, attackers with administrator or root level access to the operating system could install software, such as a rootkit, using the chip’s most privileged and protected System Management Mode (SMM). This was due to an architectural flaw that Intel found and corrected in 2011. This issue has been referred to as the “Memory Sinkhole” vulnerability.
There is no impact to Lenovo products that use Intel Sandy Bridge, Ivy Bridge, Grantley, and later generation processors as these processors are not vulnerable to this issue.

Products that use Pentium Pro through Nehalem Intel processors on enterprise, desktop, mobile and Atom may be vulnerable to this issue. 
Intel has provided a tool so users can verify the identification of their CPU:

https://downloadcenter.intel.com/download/7838/Intel-Processor-Identification-Utility-Windows-Version

https://www.blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation-wp.pdf

Revision History:

Revision

Date

Description

1.1 2015-11-19 Updated description
1.0 2015-09-10 Initial release

Alias Id:LEN_3748
Document ID:PS500030
Original Publish Date:06/16/2016
Last Modified Date:01/25/2017