Uefi

A security vulnerability has been identified in specific motherboard models from leading manufacturers such as ASRock, ASUSTeK Computer, GIGABYTE and MSI. This flaw leaves systems susceptible to Direct Memory Access (DMA) attacks during the early boot phase, affecting architectures that implement the Unified Extensible Firmware Interface (UEFI) and Input/Output Memory Management Unit (IOMMU). Early Boot DMA Protection Failure The vulnerability, discovered by Riot Games’ Nick Peterson and Mohamed Al-Sharifi, lies in the UEFI firmware implementation. Although the IOMMU and UEFI are designed to prevent unauthorized access to memory by peripherals, the flaw arises from a discrepancy: the firmware indicates that DMA protection is active, but fails to configure and enable the IOMMU correctly during the critical boot phase. ...