ProcessorĔx AMD A6-6310 APU with AMD Radeon R4 Graphics Y430PĚffected −Ĝontact your service provider K20-80ĚffectedĚDCN37WWĜontact your service provider G40-75/G50-75Ěffected −Ĝontact your service provider Please see the Vendor Information section below to determine if your system may be affected. Lastly, the attacker could corrupt the platform firmware and cause the system to become inoperable.
Additionally, the attacker could arbitrarily read or write to the SMRAM region.
#Macfuse 4.2.0 update
However, we have discovered that on certain systems the boot script resides in unprotected memory which can be tampered with by an attacker with access to physical memory."Īn authenticated local attacker may be able to bypass Secure Boot and/or perform an arbitrary reflash of the platform firmware despite the presence of signed firmware update enforcement. Given this, the boot script is in a security critical position and maintaining its integrity is important. TSEGMB, which protects SMRAM against DMA, is also unlocked. For example, BIOS_CNTL, which helps protects the platform firmware against arbitrary writes, is unlocked. The boot script is interpreted early enough where important platform security mechanisms have not yet been configured. The boot script dictates various memory and port read/write operations to facilitate this re-initialization. "During the UEFI S3 Resume path, a boot script is interpreted to re-initialize the platform. Some UEFI systems fail to properly restrict access to the boot script used by the EFI S3 Resume Boot Path, allowing an authenticated, local attacker to bypass various firmware write protections.Īccording to Rafal Wojtczuk of Bromium and Corey Kallenberg of The MITRE Corporation:
#Macfuse 4.2.0 upgrade
UpgradeStatus: No upgrade log present (probably fresh install) InstallationMedia: Xubuntu 14.04.3 LTS "Trusty Tahr" - Beta amd64 (20150805) InstallationDate: Installed on (3 days ago)
Much less why it appears to work perfectly exactly once. act-vendor, from different people.)īeyond the investigations I have done, I know next to nothing about UEFI, or how Suspend might be interacting with it. This appears to be a weird interaction between suspend and UEFI protection, but others have reported that they have had working suspend when installed alone (and presumably in legacy from the start), but this behaviour appeared when reinstalled as dual-boot (when presumably UEFI would have had to be on). The second attempt to suspend, whether immediately or hours later, suspends the laptop (I can see the screen turn off, and hear the disk and fans stop, but a moment later the screen shows bright yellow console text declaring "Warning!!! Boot script table modified!!! Please contact your vendor.", and then it hard reboots.
Suspending the laptop, whether by closing the lid, choosing the suspend option from the menu, or directly typing "sudo pm-suspend" works perfectly well. (I have attempted to change to legacy boot, and got it to a state where it was booting without /sys/firmware/efi/ being present, but behaviour persisted.)
#Macfuse 4.2.0 install
Install detected UEFI, and installed in UEFI mode.
#Macfuse 4.2.0 windows
Fresh install of Xubuntu 14.04.3, replacing existing OEM Windows 10.