5. CommBuffer SMM Overwrite/Exposure
“
CommBuffer
” is the name of a communication mechanism between runtime code and runtime SMM code. Malicious code could set the address of CommBuffer
such that calls to runtime SMM code would overwrite or expose the contents of SMRAM.Reported by the Advanced Threat Research team at Intel Security.