Uncategorized

Installing Coreboot on Lenovo X210

[…]The other fun thing about it is that none of the firmware flashing protection is enabled, including Intel Boot Guard. This means running a custom firmware image is possible, and what would a ridiculous custom Thinkpad be without ridiculous custom firmware? A shadow of its potential, that’s what. So, I read the Coreboot[1] motherboard porting guide and set to.[…]

https://mjg59.dreamwidth.org/50924.html

Lenovo should be giving Matthew a free X210 for this effort:

Standard
Uncategorized

Lenovo ACPI bug – affects X1C6, X1Y3, X280, T480s, T480, T580, P52s, possibly more. ‎

“This bug deserves more attention than it is currently receiving. It should be pinned in every forum with an affected machine, so that owners of those machines will be aware that it exists. It is currently squirreled away in the T series forum, under the outdated title “T480s – ACPI bug”. I have asked that the title be updated and received no response, which is why I’m posting this here.[…]

There’s a bug in the ACPI tables that affects all of the machines listed in the title. The bug causes heavy CPU usage on one thread due to frequent ACPI interrupts. The symptoms are a slow system, and high CPU temperatures (idles around 65 degrees Celsius). Some operating systems may mitigate the symptoms, but the bug is present regardless.

The following circumstances trigger it:
-powering on the laptop
-waking from suspend (and possibly hibernate – untested)

The following actions prevent it:
-reboot the laptop (temporary fix)
-disable thunderbolt in the UEFI settings (permanent fix – with latest UEFI updates)

The official UEFI update changelogs for all of these machines make explicit mention of this issue: “-(Fix) Fix an issue where system may become hot by system interrupts when Thundrebolt is disabled in ThinkPad Setup – Security – I/O Port Access.”[…]

https://forums.lenovo.com/t5/ThinkPad-X-Series-Laptops/ACPI-bug-affects-X1C6-X1Y3-X280-T480s-T480-T580-P52s-possibly/td-p/4084521

https://forums.lenovo.com/t5/ThinkPad-T400-T500-and-newer-T/T480s-ACPI-bug/m-p/4064963#M124889

https://forums.lenovo.com/t5/ThinkPad-T400-T500-and-newer-T/T480s-ACPI-bug/m-p/4067181#M124936

https://download.lenovo.com/pccbbs/mobiles/n22ur05w.txt

 

Standard
Uncategorized

Diverse Lynx: seeks PenTester to use CHIPSEC [against Lenovo?]

Lenovo working throug an external pentest firm? Wish I saw more OEMs asking for appropriate job skills.

If you’re thinking about applying, look at some of the reviews for this consulting firm before doing so. Maybe look if Lenovo has a direct position open as well.

Diverse Lynx: Penetration tester
[…]It is also firmware analysis which according to Lenovo is analyzing anything that may be on disk. […] Chipsec needs to be used for this assessment. It’s for UEFI attacks, but it’s fairly automated.[…]

https://www2.jobdiva.com/candidates/myjobs/openjob_outside.jsp?id=10760288

https://www.diverselynx.com/

 

Standard
Uncategorized

Lenovo LEN-20241: System x Secure Boot Vulnerability

System x Secure Boot Vulnerability
Lenovo Security Advisory: LEN-20241
Potential Impact: Booting unauthenticated code
Severity: High
Scope of Impact: Lenovo-only
CVE Identifier: CVE-2017-3775

Lenovo internal testing discovered some System x server BIOS/UEFI versions that, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code. Lenovo ships these systems with Secure Boot disabled by default, because signed code is relatively new in the data center environment, and standard operator configurations disable signature checking. Apply the BIOS/UEFI update appropriate for your model described in the product impact section below. If you are relying on Secure Boot, you may want to control physical access to systems prior to applying the updates.[…]

https://support.lenovo.com/us/en/solutions/len-20241
https://threatpost.com/lenovo-patches-arbitrary-code-execution-flaw/131725/

Standard
Uncategorized

Lenovo: Intel AMT MEBx Access Control Bypass

Intel Active Management Technology MEBx Access Control Bypass
2018-02-08
Initial Release

Scope of Impact: Industry-wide
Lenovo Security Advisory: LEN-19568

Potential Impact: Remote access and control
Severity: Critical

Intel has issued an advisory for Intel vPro Active Management Technology (AMT) to all system manufacturers. The Intel AMT default configuration has weak security around the Management Engine BIOS Extension (MEBx) password.[…]

ThinkPad – Updates coming soon
ThinkServer- Researching

https://support.lenovo.com/us/en/solutions/LEN-19568

https://sintonen.fi/advisories/intel-active-management-technology-mebx-bypass.txt

https://www.intel.com/content/www/us/en/support/articles/000020917/software/manageability-products.html

https://www.intel.com/content/dam/support/us/en/documents/technologies/Intel_AMT_Security_Best_Practices_QA.pdf

http://thinkdeploy.blogspot.com/2016/08/the-think-bios-config-tool.html

 

 

Standard