Check-IN Posted February 24

Hi,

I’m experiencing boot failures after updating the BIOS on an MSI Z490I UNIFY that contains a security fix for CVE-2024-36877. The latest firmware includes an SMM Lock Bypass mitigation (security patch / AGESA update) that prevents certain System Management Mode behaviors, presumably changing how the SMM 0xE3 handler validates inputs.

After updating, the board fails to boot macOS (OpenCore is used). Downgrading fixes the issue and restores booting. The symptoms include … (describe specific boot errors/behaviors).

Official BIOS notes say:

• Fixed CVE-2024-36877 security issue (SMM Lock Bypass uCode fix)
• AGESA ComboAm4v2PI 1.2.x update.

This patch is intended to mitigate a vulnerability in the SMM SW handler allowing a write-what-where condition, but it seems to break macOS OpenCore boot.

Questions:

• Do you know what exact change in the SMM handler is causing this incompatibility with macOS/bootloader?
• Is there a known patch, workaround, or custom BIOS mod to preserve the security fix (SMM Lock Bypass mitigation) without breaking boot behavior?
• Are there firmware flags or SMBIOS/UEFI settings that can isolate the security mitigation from the faulty boot path?

Thanks!

deeveedee Posted February 24

@Avery B I saw your use of "UEFI > Quirks > DisableSecurityPolicy" in another thread. Does this quirk also pertain to Check-IN's issue?

verdazil Posted February 24

Perhaps the golden rule applies here: if there are no critical problems with the computer's operation, then don't update the BIOS!

Check-IN Posted February 25 (Author)

I’ve already downgraded and everything works perfectly now. I wasn’t asking for philosophy or the usual “never update BIOS” wisdom — I was asking if anyone has found a real technical workaround that allows the latest firmware to coexist with macOS.

If the answer is no, that’s totally fine. But repeating common forum clichés isn’t exactly helpful.

Avery B Posted February 25

6 hours ago, deeveedee said:
> @Avery B I saw your use of "UEFI > Quirks > DisableSecurityPolicy" in another thread. Does this quirk also pertain to Check-IN's issue?

Maybe? I don't know why the quirk is needed though.