@Evv1L @libreleah This uses CVE-2017-5705. It has been... | mkukri

Leah Rowe is not a Rowebot's posts Post Back to profile

@Evv1L @libreleah

This uses CVE-2017-5705.

It has been fixed by Intel in newer ME v11.x.x.x firmware releases, however ME11 hardware has no protection again downgrading the ME version by overwriting the SPI flash physically, thus we can downgrade to a vulnerable version.

After downgrade, we exploit the bup module of the vulnerable firmware, overwriting the copy of boot guard FPFs stored in SRAM, resulting in the fused boot guard configuration being replaced with our desired one.

Like 26 May at 12:48 | Wall-to-wall | Open on mas.to

4 comments

it takes a village

@mkukri @Evv1L @libreleah

T480 libreboot when? 😜

3 June at 9:26 | Open on climatejustice.social

Leah Rowe is not a Rowebot

@djuuss @mkukri @Evv1L mate says he is interested in that machine.

3 June at 9:30 | Open on mas.to

it takes a village

@libreleah @mkukri @Evv1L

in my circle there's also some x380 yoga's. But T480 is the last 'tinkerable' laptop that /r/thinkpad is hyped over.

edit: thank you!!

3 June at 9:31 | Open on climatejustice.social

Leah Rowe is not a Rowebot

@djuuss @mkukri @Evv1L no promises, but mate has told me in #libreboot that he is indeed interested in the t470 and t480 machines

3 June at 9:33 | Open on mas.to