Corpus ID: 18562348

Using CPU System Management Mode to Circumvent Operating System Security Functions

Authors: Duflot, Étiemble, Grumelard
In this paper we show how hardware functionalities can be misused by an attacker to extend her control over a system. The originality of our approach is that it exploits seldom used processor and chipset functionalities, such as switching to system management mode, to escalate local privileges in spite of security restrictions imposed by the operating system. As an example we present a new attack scheme against OpenBSD on x86-based architectures. On such a system the superuser is only granted…

Improving system security through TCB reduction
Design and Implementation of a Hardware Assisted Security Architecture for Software Integrity Monitoring
SMM Revolutions
  • W. A. R. Souza, A. Tomlinson
  • Computer Science
  • 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems
  • 2015
SoK: Hardware Security Support for Trustworthy Execution
Formal Verification of Secure User Mode Device Execution with DMA
Enforcing kernel constraints by hardware-assisted virtualization
Flexible Hardware-Managed Isolated Execution: Architecture, Software Support and Applications
Hypervisor-Based Protection of Code


Countering code-injection attacks with instruction-set randomization
Cryptography in OpenBSD: An Overview
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
  • C. Cowan
  • Computer Science
  • USENIX Security Symposium
  • 1998
A Dynamic Mechanism for Recovering from Buffer Overflow Attacks
A Binary Rewriting Defense Against Stack based Buffer Overflow Attacks
Run-time Detection of Heap-based Overflows
Hardware Requirements for Secure Computer Systems: A Framework
Statically Detecting Likely Buffer Overflow Vulnerabilities
Address obfuscation: An approach to combat buffer overflows, format-string attacks and more
  • Proceedings of the 12th Usenix Security Symposium, August
  • 2003
Randomized Instruction Set Emulation To Disrupt Binary Code Injection Attacks