Intel Alder Lake BIOS code leaked, may contain vital secrets

BIOS source code used with Intel’s 12th Gen Core processors has been leaked online, possibly including details of undocumented model-specific registers (MSRs) and even the private signing key for the security technology Intel Boot Guard.

The source code has apparently been shared via 4chan and GitHub, in a file containing tools and code to generate and optimize BIOS/UEFI firmware images, along with related documentation. Word spread quickly on Twitter over the weekend. Alder Lake is the codename for the x86 giant's 12th-gen desktop processors.

Source code may reveal exploitable vulnerabilities in firmware that criminals could abuse on people’s PCs in the future. Here is a note from the generally reliable infosec watchers VX Underground:

Other people have claimed that the file contains tools for provisioning or adjusting BIOS images, as well as Intel’s reference implementation of Alder Lake’s UEFI and an OEM implementation, believed to be Lenovo’s.

Intel has now verified the authenticity of the leak as its UEFI firmware code.

In a statement to The Reg, Intel said it doesn't believe the leak exposes any new security vulnerabilities, adding that anyone who discovers bugs in the leaked BIOS code can claim a reward under the company's bug bounty program.

“Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on information obfuscation as a security measure. This code is covered by our bug bounties within Project Circuit Breaker, and we encourage any researchers who may identify potential vulnerabilities to bring them to our attention through this program. We reach out to both customers and the security research community to keep them informed of this situation,” Intel said.

However, a security researcher has already identified information from the files that Intel may not have wanted to disclose, including details about the Alder Lake MSRs – undocumented registers in the processor that are used for functions such as debugging or enabling or disabling specific chip features.

Hardware guru Mark Ermolov of Positive Technologies also claimed that the file contained the private signing key for Intel’s Boot Guard technology. If correct, it could be serious since Boot Guard provides the hardware root of trust for the system and is an essential part of the UEFI secure boot mechanism.

Ermolov tweeted that “a very bad thing happened: now Intel Boot Guard cannot be trusted on vendor platforms”.

It is suggested that anyone who now has the private signing key could digitally sign a malicious or modified BIOS image for Alder Lake systems, and that the machines would accept this unofficial version.

Despite what Intel says, the fact that the source code itself has been made public means that there is a danger that criminals could skim through the code and perhaps find new ways to attack the chip family, or find undiscovered vulnerabilities in the code.

“Source code has enormous value to cybercriminals because it is part of a company’s intellectual property,” said Sam Linford, vice president of EMEA channels at cybersecurity provider Deep Instinct. “Cybercriminals are always on the lookout for new techniques or vulnerabilities to catch security teams off guard.”

Intel’s Alder Lake chips were released in late 2021, with a wave of new chips added earlier this year. The family covers laptop and desktop processors, but not servers, so perhaps data center staff can breathe a sigh of relief. ®

