Altera Software: Quartus II, Quartus Prime
Type: Answers
Area: Tools


Last Modified: June 13, 2018
Version Found: v11.0
Version Fixed: v18.0 Update 1
Bug ID: 561333

Vulnerability in JTAG server potentially allows a local attacker to execute arbitary code

Description

With Intel® Quartus® Prime software versions from 15.1 to 18.0 and Quartus II software versions from 11.0 to 15.0, unquoted service paths may cause JTAG server to be vulnerable to the replacement of required executables. On reboot, these may be run with elevated privileges. This problem only occurs if the installation path contains spaces, if there are no spaces in the installation path then you are not affected by this vulnerability.

This problem affects Intel Quartus Prime Pro, Standard and Lite editions as well as the subscription and web editions of the Quartus II software.

This problem only affects installations on Windows.

This problem also affects the Intel Quartus Prime and Quartus II standalone programmer version 18.0 and earlier.

The Quartus II software and standalone programmer, version 10.1 and earlier, are not affected by this problem.

Workaround/Fix

To avoid this vulnerability, perform one of the following actions:

  • If the Intel® Quartus® Prime software has already been installed to a path with spaces, remedy this vulnerability by downloading and installing the patch intel_sa00151_patch.exe (md5sum: 35ce4d672cef67efebdd3d5b866e58f3), then running the script that is extracted from the patch.
  • If the Intel® Quartus® Prime software version 18.0 and earlier has not yet been installed, ensure that the installation path does not contain spaces.
  • Install the Intel® Quartus® Prime software version 18.0 Update 1 or later where the vulnerability has been fixed.

Acknowledgements:

Intel® would like to thank Stefan (@Skanthak) for reporting this problem and working with us on coordinated disclosure.

Find more KDB articles