The Memory Sinkhole - Unleashing An X86 Design Flaw Allowing Universal Privilege Escalation

Black Hat via YouTube

Overview

Explore a critical x86 design flaw allowing universal privilege escalation in this 47-minute Black Hat conference talk by Christopher Domas. Delve into the complex world of x86 architecture, uncovering a 20-year-old vulnerability that enables malicious code to bypass ring 0 and access ultra-privileged processor modes. Learn about the intricate layers of protection in x86, the forgotten backdoors into privileged realms, and the exploitation of an architectural 0-day built into the silicon. Discover the APIC Remap Attack, the Memory Sinkhole, and their implications for system security. Examine the firmware ecosystem, SMM rootkits, and potential mitigations. Gain insights into this unique and complex vulnerability, its impact on every system, and the future of x86 security.

Syllabus

Intro
Overview
Demonstration
The Negative Rings...
SMM ... Pandora's box
SMM Security
20 years ago...
The APIC Remap Attack
Attack Strategy
Attack Attempt 1: Fails
Attack Attempt 2
The APIC Payload
Attack Attempt 3
The Memory Sinkhole
The Firmware Ecosystem
The template SMM entry
A new class of exploits
SMM Rootkit
Impact
Mitigations
Looking Forward
Conclusion

Taught by

Black Hat
