LASER_oneXM

Level 37
Verified
Top poster
Well-known
Feb 4, 2016
2,557
Nov 12, 2021 03:04 EST

A couple of days ago, Intel updated its security advisory to include two new Local Escalation of Privilege (LPE) bugs that it was made aware of by security researchers. The first bug has been assigned the ID "CVE-2021-0157", and is presumably the more dangerous one since it affects some of the more common CPU families. However, fortunately for Intel, the latest Alder Lake-S family of processors is not vulnerable. The list of affected CPU families are:

Intel® Xeon® Processor E Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor W Family
3rd Generation Intel® Xeon® Scalable Processors
11th Generation Intel® Core™ Processors
10th Generation Intel® Core™ Processors
7th Generation Intel® Core™ Processors
Intel® Core™ X-series Processors
Intel® Celeron® Processor N Series
Intel® Pentium® Silver Processor Series

The second bug with ID "CVE-2021-0146" seems to affect lower-end CPUs like the Pentium and Celeron with the following CPU IDs. Embedded SOCs are also affected and have been classified separately.

As far as recommendations, Intel has advised users to update the systems' BIOS to the firmware version that patches the issue. Hence, users should be on the lookout for when their OEMs or motherboard vendors release the patched firmware.
 

LASER_oneXM

Level 37
Verified
Top poster
Well-known
Feb 4, 2016
2,557

Also disclosed on Tuesday and being mitigated by updated firmware is INTEL-SA-00528 (CVE-2021-0146) around a security vulnerability in various Atom, Celeron, and Pentium processors. These affected processors allow activating test/debug logic at run-time that could be used by unauthenticated users to escalate their privileges. This carries a high CVSS base score of 7.1.


For both of these Intel security advisories, it is important to note that it requires a malicious actor to first have local user access to the system and then the risk from there is privilege escalation. So public multi-user systems, servers, etc, are obviously most at risk and impacted by these new vulnerabilities.


The precise details on the vulnerabilities within the Intel BIOS reference code doesn't appear to have been made public yet. However, given many OEMs relying on that reference code and the number of affected processors, there is broad exposure on INTEL-SA-00562. Dell, HP, Lenovo, and other vendors have already begun rolling out updated BIOSes to address these newly disclosed vulnerabilities. Intel Platform Update (IPU) Update 2021.2 for November 2021 has the necessary firmware updates.
 
Top