N/A

An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449). The FjGabiFlashCoreAbstractionSmm driver registers a Software System Management Interrupt (SWSMI) handler that is not sufficiently validated to ensure that the CommBuffer (or any other communication buffer's nested contents) are not pointing to SMRAM contents. A potential attacker can therefore write fixed data to SMRAM, which could lead to data corruption inside this memory (e.g., change the SMI handler's code or modify SMRAM map structures to break input pointer validation for other SMI handlers). Thus, the attacker could elevate privileges from ring 0 to ring -2 and execute arbitrary code in SMM.

N/A

N/A

FUJITSU LIEFBOOK devices 缓冲区错误漏洞

FUJITSU LIEFBOOK devices是日本富士通（FUJITSU）公司的一款笔记本电脑。 FUJITSU LIEFBOOK多个版本存在缓冲区错误漏洞，该漏洞源于FJGABIFlashCoreAxtractionSMM驱动程序注册了一个软件系统管理中断（SWSMI）处理程序，该处理程序未经过充分验证，无法确保CommBuffer（或任何其他通信缓冲区的嵌套内容）不指向SMRAM内容。攻击者利用该漏洞将固定数据写入SMRAM，导致内存中的数据损坏。以下产品及版本受到影响：Fujitsu LIEFB

N/A

N/A