Multiple race conditions due to TOCTOU flaws in various UEFI Implementations

Overview Multiple Unified Extensible Firmware Interface UEFI implementations are vulnerable to code execution in System Management Mode SMM by an attacker who gains administrative privileges on the local machine. An attacker can corrupt the memory using Direct Memory Access DMA timing attacks tha...