• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Intel Confirm Alder Lake UEFI/BIOS Source Code Leak

AleksandarK

News Editor
Staff member
Joined
Aug 19, 2017
Messages
2,651 (0.99/day)
Intel Alder Lake source code for BIOS/UEFI building and optimization has been leaked in a massive 6 GB leak that appeared on 4chan and GitHub. While this number may seem small, it is a colossal codebase, given that the regular code files take up small space. We assume that the documentation is bundled there as well, however, we can not check ourselves as the repository has been taken down. Tom's Hardware has contacted an Intel representative to talk about the code leak and the rep issued a statement for the website.

Intel Spokesperson said:
Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.



While we don't know exactly who made the source code public, assumptions led to Chinese vendors creating software for Lenovo. There are no direct accusations, and Intel hasn't stated who is to blame, so we have to wait for further information.

View at TechPowerUp Main Site | Source
 
Joined
Feb 15, 2019
Messages
1,666 (0.78/day)
System Name Personal Gaming Rig
Processor Ryzen 7800X3D
Motherboard MSI X670E Carbon
Cooling MO-RA 3 420
Memory 32GB 6000MHz
Video Card(s) RTX 4090 ICHILL FROSTBITE ULTRA
Storage 4x 2TB Nvme
Display(s) Samsung G8 OLED
Case Silverstone FT04
Some PR team put the wrong file in the 'Another Day another Intel Leak' Folder ?
 
Joined
Oct 2, 2015
Messages
3,152 (0.94/day)
Location
Argentina
System Name Ciel / Akane
Processor AMD Ryzen R5 5600X / Intel Core i3 12100F
Motherboard Asus Tuf Gaming B550 Plus / Biostar H610MHP
Cooling ID-Cooling 224-XT Basic / Stock
Memory 2x 16GB Kingston Fury 3600MHz / 2x 8GB Patriot 3200MHz
Video Card(s) Gainward Ghost RTX 3060 Ti / Dell GTX 1660 SUPER
Storage NVMe Kingston KC3000 2TB + NVMe Toshiba KBG40ZNT256G + HDD WD 4TB / NVMe WD Blue SN550 512GB
Display(s) AOC Q27G3XMN / Samsung S22F350
Case Cougar MX410 Mesh-G / Generic
Audio Device(s) Kingston HyperX Cloud Stinger Core 7.1 Wireless PC
Power Supply Aerocool KCAS-500W / Gigabyte P450B
Mouse EVGA X15 / Logitech G203
Keyboard VSG Alnilam / Dell
Software Windows 11
So, AVX-512 toggles when.
 

bug

Joined
May 22, 2015
Messages
13,843 (3.95/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
While this number may seem small, it is a colossal codebase

Why would that seem small? Was the code leaked in 4k HDR uncompressed format?
 
Joined
Sep 17, 2014
Messages
22,669 (6.05/day)
Location
The Washing Machine
System Name Tiny the White Yeti
Processor 7800X3D
Motherboard MSI MAG Mortar b650m wifi
Cooling CPU: Thermalright Peerless Assassin / Case: Phanteks T30-120 x3
Memory 32GB Corsair Vengeance 30CL6000
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s) Gigabyte G34QWC (3440x1440)
Case Lian Li A3 mATX White
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse Steelseries Aerox 5
Keyboard Lenovo Thinkpad Trackpoint II
VR HMD HD 420 - Green Edition ;)
Software W11 IoT Enterprise LTSC
Benchmark Scores Over 9000
Joined
Sep 17, 2014
Messages
22,669 (6.05/day)
Location
The Washing Machine
System Name Tiny the White Yeti
Processor 7800X3D
Motherboard MSI MAG Mortar b650m wifi
Cooling CPU: Thermalright Peerless Assassin / Case: Phanteks T30-120 x3
Memory 32GB Corsair Vengeance 30CL6000
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s) Gigabyte G34QWC (3440x1440)
Case Lian Li A3 mATX White
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse Steelseries Aerox 5
Keyboard Lenovo Thinkpad Trackpoint II
VR HMD HD 420 - Green Edition ;)
Software W11 IoT Enterprise LTSC
Benchmark Scores Over 9000
Just caught the last line in that article.

'While we don't know exactly who made the source code public, assumptions led to Chinese vendors creating software for Lenovo. There are no direct accusations, and Intel hasn't stated who is to blame, so we have to wait for further information'

Oh boy, Superfish V2, here we come
 
Joined
Mar 10, 2010
Messages
11,878 (2.20/day)
Location
Manchester uk
System Name RyzenGtEvo/ Asus strix scar II
Processor Amd R5 5900X/ Intel 8750H
Motherboard Crosshair hero8 impact/Asus
Cooling 360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory Corsair Vengeance Rgb pro 3600cas14 16Gb in four sticks./16Gb/16GB
Video Card(s) Powercolour RX7900XT Reference/Rtx 2060
Storage Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s) Samsung UAE28"850R 4k freesync.dell shiter
Case Lianli 011 dynamic/strix scar2
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply corsair 1200Hxi/Asus stock
Mouse Roccat Kova/ Logitech G wireless
Keyboard Roccat Aimo 120
VR HMD Oculus rift
Software Win 10 Pro
Benchmark Scores 8726 vega 3dmark timespy/ laptop Timespy 6506
This can't be good.

What's the commonality like for uefi between vendors is one question I have.
 

bug

Joined
May 22, 2015
Messages
13,843 (3.95/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
This can't be good.
This can be better than good. It can show the importance of security that is not built upon closed firmware and things like that. You know, things projects like Coreboot have been preaching for years.
 
Joined
Mar 10, 2010
Messages
11,878 (2.20/day)
Location
Manchester uk
System Name RyzenGtEvo/ Asus strix scar II
Processor Amd R5 5900X/ Intel 8750H
Motherboard Crosshair hero8 impact/Asus
Cooling 360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory Corsair Vengeance Rgb pro 3600cas14 16Gb in four sticks./16Gb/16GB
Video Card(s) Powercolour RX7900XT Reference/Rtx 2060
Storage Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s) Samsung UAE28"850R 4k freesync.dell shiter
Case Lianli 011 dynamic/strix scar2
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply corsair 1200Hxi/Asus stock
Mouse Roccat Kova/ Logitech G wireless
Keyboard Roccat Aimo 120
VR HMD Oculus rift
Software Win 10 Pro
Benchmark Scores 8726 vega 3dmark timespy/ laptop Timespy 6506
This can be better than good. It can show the importance of security that is not built upon closed firmware and things like that. You know, things projects like Coreboot have been preaching for years.
I mean yes, it could push that correct agenda, but given most Aibs have been hacked at some point does it mean greater security issues for all in the short term.

I am not in security so these questions are both genuine and non confrontational IE I want to know.

Do I need to be careful about bios flashes now from OEM sources etc.

Is it worse than that in respect to this hacked knowledge allowing some serious administration level violation through simple phishing exploits etc.
 

bug

Joined
May 22, 2015
Messages
13,843 (3.95/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
I mean yes, it could push that correct agenda, but given most Aibs have been hacked at some point does it mean greater security issues for all in the short term.

I am not in security so these questions are both genuine and non confrontational IE I want to know.

Do I need to be careful about bios flashes now from OEM sources etc.

Is it worse than that in respect to this hacked knowledge allowing some serious administration level violation through simple phishing exploits etc.
The first thing you could do, would be to modify the UEFI itself, or some firmware module it uses. But then, you'd need a way to install that on a machine to compromise it. Most people update their UEFI from the motherboard's manufacturer's site. And you get newer firmware modules through Windows or Linux updates. While I'm sure someone will find a way to do just that, I expect the damage to be limited to users that get their updates from questionable sources. I.e., very limited.

But I'm no security expert, let's wait and see what they have to say.
 
Joined
Jul 10, 2017
Messages
2,671 (0.98/day)
The first thing you could do, would be to modify the UEFI itself, or some firmware module it uses. But then, you'd need a way to install that on a machine to compromise it. Most people update their UEFI from the motherboard's manufacturer's site. And you get newer firmware modules through Windows or Linux updates. While I'm sure someone will find a way to do just that, I expect the damage to be limited to users that get their updates from questionable sources. I.e., very limited.

But I'm no security expert, let's wait and see what they have to say.
Many UEFI have OS interfaces to push blobs to them. Or worse, there are undocumented ways to push new code (even unsigned one) to UEFI, without the users even knowing.
 

bug

Joined
May 22, 2015
Messages
13,843 (3.95/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Many UEFI have OS interfaces to push blobs to them.
Of course they do, that's how you get new firmware through Windows or Linux update.
Or worse, there are undocumented ways to push new code (even unsigned one) to UEFI, without the users even knowing.
Idk about undocumented means, but it's not like users are too aware when they get a firmware update anyway. Luckily, that's what makes them likely to be using the default update channels: they don't know how to mess with that.
That changes if the users click on "install this asap for added security" email they got from an innocent bystanders. But you can't save those users anyway.
 
Joined
Dec 26, 2006
Messages
3,862 (0.59/day)
Location
Northern Ontario Canada
Processor Ryzen 5700x
Motherboard Gigabyte X570S Aero G R1.1 BiosF5g
Cooling Noctua NH-C12P SE14 w/ NF-A15 HS-PWM Fan 1500rpm
Memory Micron DDR4-3200 2x32GB D.S. D.R. (CT2K32G4DFD832A)
Video Card(s) AMD RX 6800 - Asus Tuf
Storage Kingston KC3000 1TB & 2TB & 4TB Corsair MP600 Pro LPX
Display(s) LG 27UL550-W (27" 4k)
Case Be Quiet Pure Base 600 (no window)
Audio Device(s) Realtek ALC1220-VB
Power Supply SuperFlower Leadex V Gold Pro 850W ATX Ver2.52
Mouse Mionix Naos Pro
Keyboard Corsair Strafe with browns
Software W10 22H2 Pro x64
"Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities"

But is it possible??
 
Joined
Jul 10, 2017
Messages
2,671 (0.98/day)
Of course they do, that's how you get new firmware through Windows or Linux update.

Idk about undocumented means, but it's not like users are too aware when they get a firmware update anyway. Luckily, that's what makes them likely to be using the default update channels: they don't know how to mess with that.
That changes if the users click on "install this asap for added security" email they got from an innocent bystanders. But you can't save those users anyway.
Every update that you didn't get from an official source and you didn't deploy it yourself is a security risk.
I for one prefer to be able to update UEFI only from one place, needing the physical presence of moir.
 
Joined
Jan 29, 2012
Messages
6,881 (1.46/day)
Location
Florida
System Name natr0n-PC
Processor Ryzen 5950x-5600x | 9600k
Motherboard B450 AORUS M | Z390 UD
Cooling EK AIO 360 - 6 fan action | AIO
Memory Patriot - Viper Steel DDR4 (B-Die)(4x8GB) | Samsung DDR4 (4x8GB)
Video Card(s) EVGA 3070ti FTW
Storage Various
Display(s) Pixio PX279 Prime
Case Thermaltake Level 20 VT | Black bench
Audio Device(s) LOXJIE D10 + Kinter Amp + 6 Bookshelf Speakers Sony+JVC+Sony
Power Supply Super Flower Leadex III ARGB 80+ Gold 650W | EVGA 700 Gold
Software XP/7/8.1/10
Benchmark Scores http://valid.x86.fr/79kuh6
hacked optimizations perhaps
 
Joined
Jan 15, 2021
Messages
337 (0.23/day)
We do not believe this exposes any new security vulnerabilities

The key word here is "BELIVE"...
 
Joined
Aug 20, 2007
Messages
21,541 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Well....if this includes microcode...meltdown is going to be back
If they were relying on security through obscurity maybe. Nobody does that anymore though. This should make little difference, and maybe even help the overall security.

We do not believe this exposes any new security vulnerabilities

The key word here is "BELIVE"...
Believe. And That's all you can ever do when predicting the future.

But is it possible??
Anything is possible. But they'd have to be doing some seriously bad practice for it to make things worse.

Many UEFI have OS interfaces to push blobs to them. Or worse, there are undocumented ways to push new code (even unsigned one) to UEFI, without the users even knowing.
Those loopholes are closed on most modern builds by vendors these days, at least for unsigned code. There was a big push to eliminate that a year or so ago. And thank god, because UEFI malware was on the cusp of becoming a real issue...

I mean yes, it could push that correct agenda, but given most Aibs have been hacked at some point does it mean greater security issues for all in the short term.
Not likely.
 
Last edited:
Top