LogoFAIL vulnerability, December 2023

Findings:

Supermicro is aware of a potential vulnerability known as “LogoFAIL” in the BIOS firmware. Improper input validation in an image parser library used by BIOS may allow a privileged user to potentially enable escalation of privilege via local access.

CVE:

CVE-2023-39538
Severity: high
CVE-2023-39539
Severity: high

Affected products:

X13-AlderLake	BIOS version with the fix
B4SA1-CPU	3.1
X13SAE	3.1
X13SAE-F	3.1
X13SAN-H/-E/-L/-C	3.1
X13SAQ	3.1
X13SAV-LVDS	3.1
X13SAV-PS	3.1
X13SAZ-F	3.1
X13SAZ-Q	3.1

X13-FishHawk Falls	BIOS version with the fix
X13SRA-TF	2.0a
X13SWA-T(F)	2.0a

X13-RaptorLake	BIOS version with the fix
X13SRN-H/-E/-WOHS	3.1

X13-Catlow	BIOS version with the fix
X13SCL-IF	1.2
X13SCL-F	1.2
X13SCH	1.2
X13SCD-F	1.2
X13SCW	1.2
B4SC1	1.2

R12-ARM Altra (Max)	BIOS version with the fix
R12SPD-A/-M	1.2
R12SPD-R	1.2

X12-Tatlow	BIOS version with the fix
X12STW	1.8
X12STH	1.8
X12STD	1.8
X12STE	1.8
X12STL-IF	1.8
X12STL-F	1.8
B3ST1	1.8

X12/C9-Rocketlake	BIOS version with the fix
X12SAE-5	1.5a
X12SCA-5F	1.5a
C9Z590-CG(W)	1.5a

X12/C9-Cometlake	BIOS version with the fix
X12SAE/X12SCA-F	2.9
X12SCQ	2.9
X12SCV-LVDS	2.9a
X12SCV-W	2.9a
X12SCZ-TLN4F/QF/F	2.9a
C9Z490-PGW	2.9a

X12-Idaville	BIOS version with the fix
X12SDV-SPT4F	1.7
X12SDV-SP6F	1.7
X12SDV-SPT8F	1.7
B3SD1	TBD

X12-TigerLake	BIOS version with the fix
X12STN	1.5

X11-Bakerville	BIOS version with the fix
B2SD2	2.1
X11SDC	2.1
X11SDV-TLN2F	2.1
X11SDV-TP8F	2.1
X11SDW-TP13F	2.1
X11SDW-TP13F+	2.1
X11SDD	1.4b
X11SDS	1.4

X11-Purley	BIOS version with the fix
X11SPi-TF	4.2
X11SPG-TF	4.2
X11SPH-nCT(P)F	4.2
X11SPL-F	4.2
X11SPM-(T)F/TPF	4.2
X11SPW-(C)TF	4.2
X11DPi-N/NT/Ni	4.2
X11DAi-N	4.2
X11DGQ-R	4.0
X11DPG-HGX2	EOL
X11DPG-OT	4.0
X11DPS-RE	4.2
X11DAC	4.2
X11DGO	4.2
X11QPH+	4.2
X11QPL	4.2
X11OPi	4.2
B11DPT	4.2
B11DPE	4.0
B11QPI/-T	4.0
X11DPD-L/M25	4.2
X11DPG-QT (32MB)	4.2
X11DPG-QT (64MB)	4.2
X11DPL-i	4.2
X11DPU	4.2
X11DPU-V	4.2
X11DPU-R	TBD
X11DPX-T	4.2
X11DSC+	4.2
X11DDW-L/N(T)	4.2
X11DPFF-SN	4.2
X11DPFR-S(N)	4.2
X11DPH-T(Q)(F)	4.2
X11DPT-B	4.2
X11DPT-PS	4.2
X11DPU-Z+	4.2
B11SPE	4.2

X11-Greenlow_Server	BIOS version with the fix
X11SSD-F	3.1
X11SSH-(C)TF	3.1
X11SSH-(LN4)F	3.1
X11SSL(-F)	3.1
X11SSL-C/nF	3.1
X11SSM(-F)	3.1
X11SSW-(4)TF	3.1
X11SSW-F	3.1
X11SSA-F/X11SSi-LN4F	3.1
X11SSE-F	3.1
X11SSH-G(T)F-1585(L)	1.8
X11SSV-M4F	3.1
B2SS2-F	3.1
B2SS2-CPU/-(C)F	3.1
B2SS1/2(-H)-MTF	1.8

X11-Greenlow_Workstation	BIOS version with the fix
X11SAE(-F)	4.0
X11SAE-M	4.0
X11SAT-F	4.0
X11SSQ	4.0
X11SSQ-L	4.0
X11SSV-Q/LVDS	4.0
X11SSZ-(Q)F/TLN4F	4.0

X11-Whiskeylake-U	BIOS version with the fix
X11SWN	2.0

X11-Braswell	BIOS version with the fix
X11SBA-LN4F/F	1.2

X11-Mehlow_Server	BIOS version with the fix
X11SCW	2.3
X11SCD	2.3
X11SCM	2.3
X11SCL-LN4F	2.3
X11SCE	2.3
X11SCH	2.3
X11SCL-F	2.3
X11SCL	2.3

X11-Mehlow_Workstation	BIOS version with the fix
X11SCA-F	2.3a
X11SCQ/L	2.3
X11SCV-Q/L	2.3
X11SCZ-F/Q	2.3
B2SC1	1.5c
B2SC2	1.5c
B11SCG-CTF	1.5c
B11SCG-ZTF	1.5c

X11-BasinFalls	BIOS version with the fix
X11SRM-F	2.9
X11SRA/-(R)F	2.9
C9X299-PG(F)/RPGF	2.9
C9X299-PG300	2.9
C9X299-PG300F	2.9
B11SRE	2.8
X11SRi-IF	2.8

X11-Kabylake-U	BIOS version with the fix
X11SSN-H/E/L	2.2

A3-Jacobsville	BIOS version with the fix
A3SPI-4C/8C-LN6PF/HLN4F	1.2
A3SSV-8C/16C/24C-SPLN10F	1.2

A3-ElkHart Lake	BIOS version with the fix
A3SEV	1.5

A2-Denverton	BIOS version with the fix
A2SDi-H-T(P4)F	1.9
A2SDi-HLN4F	1.9
A2SDi-TP8F/LN4F	1.9
A2SDV-LN8F/LN10PF	1.9
A2SDV-TLN5F	1.9
A2SD1-3750F/3955F	1.9

A2-Apollolake	BIOS version with the fix
A2SAN-H/L/E & X11SAN	2.0
A2SAN-LN4-E/C	2.0
A2SAP-H/E/L	2.0
A2SAP-L1	2.0
A2SAV(-L) & X11SAA	2.0

H11-Naples	BIOS version with the fix
H11SSL-i/(N)C	2.8
H11SSW-NT/iN	2.8
H11DSU-I(N)	2.8
H11DSI-(N)T	2.8
H11DST-B	2.8

H11-Rome	BIOS version with the fix
H11SSL-i/(N)C	1.4
H11SSW-NT/iN	1.4
H11DSU-I(N)	1.4
H11DSI-(N)T	1.4
H11DST-B	1.4

H12-Rome/Milan	BIOS version with the fix
H12SSFF-AN6	2.9
H12DST-B	2.9
H12SSG-ANP6	TBD
H12DSI-N6/NT6	2.9
H12SSW-iN/NT	2.9
H12DGO-6	2.9
H12DSG-O-CPU	TBD
H12SSL-i/C/CT/NT	2.9
H12DGQ-NT6	2.9
H12DSG-Q-CPU6	2.9
H12SSW-INR/NTR	2.9
H12SSW-iNL/NTL	2.9
H12SSW-AN6	2.9
H12SST-PS	2.9
H12DSU-iN	2.9
H12DSU-iNR	2.9
H12SSG-AN6	2.9
H12SSFR-AN6	2.9
BH12SSi-M25	TBD

H13-AM5	BIOS version with the fix
H13SAE	1.2
H13SRD	1.2

M12-Chagal	BIOS version with the fix
M12SWA	2.2

M11-Wallaby	BIOS version with the fix
M11SDV-LN4F	1.2

Mitigation:

All products that support Root of Trust (RoT) are not affected by this vulnerability.

Supermicro is currently working on updating BIOS firmware to mitigate this issue. Please check the release notes for resolution.

Exploitation and Public Announcement:

Supermicro is not aware of any public announcements or malicious use of these vulnerabilities that is described in this advisory.

机架服务器

1U 双处理器

2U 双处理器

单处理器

多处理器

产品系列

GPU 服务器

8U GPU 系列

4U GPU 系列

2U GPU 系列

1U GPU 系列

Twin 服务器

BigTwin®

GrandTwin®

TwinPro®

Twin

FatTwin®

刀片服务器

SuperBlade®

MicroBlade®

MicroCloud

存储系列服务器

所有存储系列产品

全闪存 NVMe

顶部装载存储

企业优化的存储

主板

机箱

SuperRack®

辅助配件

Edge & Telecom Servers

Fanless Edge Systems

Compact Edge Systems

Outdoor Edge Systems

1U Edge Network Systems

5G/Telecom Systems

嵌入式/物联网主板

嵌入式系統机箱

交换机

网路卡

超级工作站

Liquid-Cooled AI Development Platform

单处理器

双处理器

Supero™ 游戏解決方案

人工智能基础设施

NVIDIA 解决方案

Intel 解决方案

AMD 解决方案

人工智能存储

边缘人工智能

人工智能超级集群

HPC

机架解决方案

液体冷却

数据管理

人工智能存储

软件定义存储和內存

超融合基础架构

Veeam

企业应用和数据分析

数据工程

数据库和 ERP

Microsoft

云端和虚拟化

Google Distributed Cloud

Canonical OpenStack

Red Hat OpenStack

Kubernetes

虚拟桌面

5G、Edge Computing 和 IoT

5G and Telecom Systems

Rakuten Symphony

IoT Edge Solutions

边缘人工智能

超大规模基础设施

OCP 解决方案

SuperCloud Composer (SCC)

关于我们

媒体新闻/商业活动及展览