OpenBMC on PantsDown

~ hucktech

Re: https://firmwaresecurity.com/2019/01/22/cve-2019-6260-pantsdown-gaining-control-of-bmc-from-the-host-processor/

[…]Solution: The mitigations are in the 2.6 level of OpenBMC for all supported SPEED-based platforms. The complete solution is platform dependent because it can involve patching both the BMC firmware and the host firmware. For example, disabling the iLPC2AHB bridge can be a bit of a finicky process. The host platform’s operating system may be impacted when the P2A bridge is disabled. The solution may require an updated ASPEED video driver. See Linux commit 71f677a.[…]

https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/11164

https://github.com/openbmc/openbmc/issues/3475

Published by hucktech

One thought on “OpenBMC on PantsDown

  1. Pingback: cve-2019-6260: A Test and Debug Tool for ASPEED BMC AHB Interfaces (PantsDown) – Firmware Security

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s