LogoFAIL firmware attack (with link to Insyde's security advisory)

Sebastian_Klee · December 18, 2023, 10:43am

Any Updates for the Gen 13th Intel Laptops?

Simon84 · January 3, 2024, 8:59pm

I wanted to find out if the Logo is included in the Boot Guard section (Gen12). According to UefiTool LogoPcx is included in the boot guard section.

1FD0BACE-6F0A-4085-901E-F6210385CB6F > 20BC8AC9 > LzmaCustomDecompressGuid > Volume image section > EfiFirmwareFileSzstem2Guid > LogoPcx).

Offset: EFD070h
Name: LogoPcx
File GUID: 6F0CF054-AE6A-418C-A7CE-3C7A7CD74EC0

I extracted the logo and it is just a black image (1024*768 pixels). I have not found another logo. Does anybody know where the framework logo is stored? Does the code draw the logo itself?

SoldierSvejk · January 3, 2024, 9:42pm

So the attack requires the attacker to already own the system?

Alan_Pearce · January 3, 2024, 10:02pm

is the thread you should be following.

AquilaFasciata · January 3, 2024, 11:52pm

Howdy gang, in lieu of an update (for now) I’ve turned on the verbose boot mode (not near by computer, can’t remember the exact babe). This prints system info and doesn’t seem to draw the logo. Act accordingly everyone.

Ray519 · January 4, 2024, 1:39am

See my previous post here, I found it. Did not look to be in a region directly covered by bootguard if I am reading UefiTool correctly. But it might still be covered by transitively. I do not know enough to figure that out easily.

I also first found the black image and the TianoCore logo. The rest I found by doing a binary search for magic bytes of various image formats supported by the parsers that are shipped by Insyde. Frameworks Logos and the new diagnostic graphics I found in the AMD bios are mostly PNG.

Simon84 · January 4, 2024, 11:23am

Sadly no framework employee has acknowledged that this won’t parse the logo. If the logo is still parsed, the machine is still vulnerable.

Great, thank you very much!

Sadly no framework employee answers this question.

Sebastian_Klee · January 5, 2024, 8:52am

Happy new Year Alan and thank you very much for the link.
Hopefully there will be an update for the 13th Gen soon, so my Boss isnt worried about that anymore.
Have to update 40 machines then

Simon84 · January 5, 2024, 2:52pm

I found the GUID 67A75EF8-C454-45A0-A648-0A2B489F9BD6 in a boot guard protected region (The framework logo with the text “framework” after it).
My interpretation is, that white regions are completely protected, yellow regions are partly protected and red regions are not protected by intel boot guard.

Simon84 · January 5, 2024, 2:53pm

Where are you working?

Ray519 · January 5, 2024, 4:00pm

I matched the red regions to the IBB segments listed under security and assumed from that that those should be the directly protected sections. I.e. the address of the image is not covered by any of the IBB segments.
But not like I am entirely sure on this.

Simon84 · January 5, 2024, 4:51pm

You are correct, thank you very much.
I had a look at the source code. Red means protected, which is confusing to me:

github.com

LongSoft/UEFITool/blob/bf93a5eacc900de3b2665f0bbe52d116aa1fba25/common/treemodel.cpp#L33


      
              
              TreeItem *item = static_cast<TreeItem*>(index.internalPointer());
              
              if (role == Qt::DisplayRole) {
                  return item->data(index.column()).toLocal8Bit();
              }
          #if defined (QT_GUI_LIB)
              else if (role == Qt::BackgroundRole) {
                  if (markingEnabledFlag && marking(index) != BootGuardMarking::None) {
                      switch (marking(index)) {
                      case BootGuardMarking::BootGuardFullyInRange: return QBrush((Qt::GlobalColor)(markingDarkModeFlag ? Qt::darkRed    : Qt::red   )); break;
                      case BootGuardMarking::VendorFullyInRange:    return QBrush((Qt::GlobalColor)(markingDarkModeFlag ? Qt::darkCyan   : Qt::cyan  )); break;
                      case BootGuardMarking::PartiallyInRange:      return QBrush((Qt::GlobalColor)(markingDarkModeFlag ? Qt::darkYellow : Qt::yellow)); break;
                      }
                  }
              }
          #endif
              else if (role == Qt::UserRole) {
                  return item->info().toLocal8Bit();
              }

Sebastian_Klee · January 8, 2024, 11:24am

Little Company in Germany, we changed to Framework Devices from our old Dell Stuff.
(40 Machines, 28 are rolled out, rest will follow if there isnt any colleague on vaction left)

Simon_Brand · February 20, 2024, 5:49pm

Disclaimer: this post is for paranoid people only.

A machine compromised with a LogoFail attack could just pretend to do a firmware upgrade and show the new firmware version in the UI, while still being the old compromised version.
In my opinion, the only way to verify the new firmware version is using the TPM2.
Therefore you need to get a tpm2-quote and verify it (checkquote). Also to prevent attacks on the verification (e.g. spoofing a random key), you need to verify the endorsement-key signed by the TPM2-manufacturer and make sure, the attestation-key used to create the quote is stored in the TPM2 (makecredential/activatecredential).

To verify the PCR0 hash value of the TPM2, here are the firmware measurements for a Gen12 3.08 firmware:

EV_EFI_PLATFORM_FIRMWARE_BLOB
98ae98e8d8c95ad221072f6219f0d78f93e853f7839efeca553b5c5dc57ec505

EV_EFI_PLATFORM_FIRMWARE_BLOB
310c202ebc03c9af00a272e35bb04794df187345de41aebd84cba61e0ea18877

EV_EFI_PLATFORM_FIRMWARE_BLOB
1bc3bf9a394c85a6a6cfb226bbc6b1fb1e027e3d35f207f9a2192b1ba1c3ed03

EV_EFI_PLATFORM_FIRMWARE_BLOB
93ee99014cbfb2f48667329fdac9dc0638b750003b076551b7766d9f7ae80f4f

EV_EFI_PLATFORM_FIRMWARE_BLOB
60f19112d3263a2bcb3059c0c50798094fbb56b80053a94f0d3243fd6a74f9e9

EV_POST_CODE
681ac70fcab0ccad78e6d0519a50a9afb93676be893e2e6b9c06a333d6a93fb9

EV_POST_CODE
608072d8953921f15718897cbb0a47623e0c29fa7286d20beb0d733756acb643

These can be verified via the tpm2 eventlog. (e.g. on linux: tpm2_eventlog /sys/kernel/security/tpm0/binary_bios_measurements)

Alex_S · February 21, 2024, 6:08pm

this is amazing to hear

Angus_Gratton · April 2, 2024, 11:35pm

Heads up for anyone like me who was been semi-regularly checking this thread and LVFS for updates:

12th gen BIOS 3.08 Beta includes fix for “CVE-2023-40238 LogoFAIL”. Not great news for Linux users as this update can’t roll out via LVFS and the UEFI updater was pulled two months ago due to unexpected failures, but still…

I don’t see any similar update for the 11th gen, and I don’t know what the LogoFAIL situation is for AMD. However I still thought I’d post as I’d been assuming any progress would show up in this thread and/or in the available LVFS updates for Linux…

BusyBoredom · April 3, 2024, 12:19am

Realistically nobody should be using the 12th gen anymore, it’s gone nearly 2 years without a single stable patch. Kinda stinks that the early framework boards were sold as finished products; they had pretty prototype-like lifespans.

AquilaFasciata · April 3, 2024, 1:41am

Are you talking about UEFI updates? Almost no reason to update on laptops unless there’s a security or stability issue. I have never one time updated UEFI on a laptop; to relegate a device to outmoded status because of UEFI updates not being available on an otherwise stable system seems a little silly.

BusyBoredom · April 3, 2024, 1:59am

Of course I’d agree that when there are no security issues UEFI updates aren’t critical. Unfortunately though, the 12th gen has had known vulns since shortly after launch: 12th Gen BIOS Vulnerability

Ulmondil · April 3, 2024, 10:42pm

A new firmware update for AMD should release very soon (at least as a beta) and will fix this.