VU#746790: SMM callout vulnerabilities identified in Gigabyte UEFI firmware modules
System Management Mode (SMM) callout vulnerabilities have been identified in UEFI modules present in Gigabyte firmware. These vulnerabilities can be exploited to elevate privileges and execute arbitrary code in the SMM environment of a UEFI-supported processor. The Unified Extensible Firmware Interface (UEFI) specification defines an interface between an operating system and platform firmware, and UEFI can interact directly with hardware using SMM. SMM operations are executed within a protected memory region called System Management RAM (SMRAM) and are only accessible through System Management Interrupt (SMI) handlers. Four vulnerabilities were identified in Gigabyte firmware implementations, including unchecked use of the RBX register, lack of validation of function pointer structures, double pointer dereference vulnerability, and attacker-controlled RBX register used as an unchecked pointer. These vulnerabilities can be triggered via SMI handlers from within the operating system or during early boot phases, sleep states, or recovery modes. An attacker with local or remote administrative privileges may exploit these vulnerabilities to execute arbitrary code in System Management Mode, bypassing OS-level protections. Exploitation can disable UEFI security mechanisms such as Secure Boot and Intel BootGuard, enabling stealthy firmware implants and persistent control over the system. Gigabyte has issued updated firmware to address the vulnerabilities, and users are strongly advised to visit the Gigabyte support site to determine if their systems are affected and to apply the necessary updates.