[email protected] +603-2181 3666
Intel Smart Sound Tech Vulnerable to Three High-Severity Bugs
July 28, 2018
0

Intel patches three flaws that could allow a local attacker to execute arbitrary code on impacted systems.

Intel issued three fixes for bugs that could allow a local attacker to execute code on Intel Core and Atom processor-based PCs.

The vulnerabilities are tied to versions of its own Intel Smart Sound Technology, used to boost audio processing for tasks such as voice commands and interactions with Cortana, Nuance Dragon and Skype.

In an advisory (INTEL-SA-00163) issued Wednesday the chipmaker rated the severity of the issue as “Important.” Based on MITRE’s CVSS v3.0 ratings system, each of the three vulnerabilities are rated “high” or 7.5.

One of the vulnerabilities (CVE-2018-3666) is traced back to a driver module used in Intel’s Smart Sound Technology (before version 9.21.00.3541) that could potentially allow a local attacker to execute arbitrary code as administrator via a non-paged pool overflow.

A non-paged pool overflow is a type of attack where an adversary exploits kernel pool corruption vulnerabilities. A kernel pool is similar to Microsoft Windows heap, a form of memory manager that an application can use when it needs to allocate and free memory dynamically.

“An attacker’s goal in exploiting pool corruption vulnerabilities is to ultimately execute arbitrary code in ring 0. This often starts with an arbitrary memory write or n-byte corruption at a chosen location,” wrote researcher Tarjei Mandt in a technical paper on kernel pool exploitation (PDF).

Ring 3 is the least privileged protection ring, usually associated with the user’s privileges compared to Ring 0 which is the kernel.

Intel also patched a driver module vulnerability (CVE-2018-3670) in versions of the Smart Sound Technology (before 9.21.00.3541) that potentially allows a local attacker to execute arbitrary code as administrator via a buffer overflow attack.

A third vulnerability (CVE-2018-3672) was also identified in version 9.21.00.3541 (and prior) of its Smart Sound Technology. According to the Intel security bulletin the driver module for the component allows a local attacker to execute arbitrary code as administrator via a system calls.

According to Intel, its Smart Sound Technology “is an integrated audio Digital Signal Processor built to handle audio, voice, and speech interactions. It allows the latest Intel Core and Intel Atom processor-based PCs to respond to your voice command quickly and offer high fidelity audio without impacting system performance and battery life.”

A version of the Intel Smart Sound Technology debuted in 2015 with the introduction of the chipmaker’s 5th generation Intel core processor platform.

Source: threatpost.com