Talk Title:

Unwanted features: Finding and exploiting an in ROM buffer overflow on the LPC55S69

Abstract:

Oxide Computer set out to design a new server from the ground up. This included using the NXP LPC55S69 as the basis for a hardware root of trust. During the course of working with the LPC55S69 it became necessary to reverse engineer the ROM for thorough review. We managed to uncover a buffer overflow in signed update parsing in ROM during our review, filed as CVE-2022-22819. This exploit allows for non-persistent code execution and extraction of a device secret. After finding this issue, we were also left with the question of what mitigations to take if we wanted to continue to use this hardware in our product. This talk will review the full technical details of the exploit and discuss the impact of finding vulnerabilities when building a product.

Speaker Bio:

Laura is a software engineer with experience in low level systems. Her past work has focused on the Linux kernel in areas ranging from memory management to kernel maintainership. Laura's current role is at Oxide Computer working on Rust software for microcontrollers and accidentally finding hardware vulnerabilities.