Intel's Alder Lake BIOS Source Code Reportedly Leaked Online

Raptor Lake ES tests
(Image credit: EXP Review)

An unknown individual has purportedly leaked the source code for Intel's Alder Lake BIOS onto 4chan, and a duplicate copy now appears to be posted to GitHub. The files are contained in a 2.8 GB zip file that expands to 5.86 GB after decompression, but we haven't been able to verify if the contents therein are genuine and actually contain sensitive source code. 

UPDATE (10/9/2022): In a new story, we have reported that Intel has now confirmed the leak is legitimate and security researchers are analyzing the code for vulnerabilities. 

News of the purported leak comes via Twitter postings from @glowingfreak and @vxunderground. We have reached out to Intel for comment. 

See more

The file appears to contain a plethora of files and tools geared for building a BIOS/UEFI for Intel's Alder Lake platform and chipsets. It is unclear where the leaker obtained the files, but one of the documents does refer to "Lenovo Feature Tag Test Information." A few other clues have also emerged via the git log. 

Even if the files are proven to include sensitive material, it's unclear if they could be used to develop exploits — especially if it was obtained from a source external to Intel. It's easy to imagine that most motherboard vendors and OEMs would have similar tools and information available to build firmware for Intel platforms, and Intel would likely scrub any overly-sensitive material before releasing it to external vendors. That said, any sensitive material in the hands of nefarious actors is never good, and small bits of information can lead to big vulnerabilities. Especially if it pertains to security features like the TPM (Trusted Platform Module).

While we don't know how the files were obtained, recent hacks have targeted outside vendors to steal information from semiconductor manufacturers indirectly, thus enabling ransom attempts.

The spate of recent attacks includes an attempt by RansomHouse to extort AMD after it obtained 56GB of data. AMD partner Gigabyte also had 112 GB of sensitive data stolen in the infamous 'Gigabyte Hack,' but AMD refused to pay the ransom for the latter hack. As a result, information about AMD's forthcoming Zen 4 processors was divulged before launch, which later proved genuine.

Nvidia also suffered a recent attack that resulted in the theft of 1TB of its data, but the GPU-making giant retaliated with its own operations to render the stolen data useless.

We don't know further details about the purported Intel leak, but we're working on learning more from the company. We'll update as necessary. 

Paul Alcorn
Managing Editor: News and Emerging Tech

Paul Alcorn is the Managing Editor: News and Emerging Tech for Tom's Hardware US. He also writes news and reviews on CPUs, storage, and enterprise hardware.

  • hotaru251
    geared for building a BIOS/UEFI for Intel's Alder Lake platform and chipsets.

    wonder if this would allow people to make custom bios (and thus allow OC on non k series)
    Reply
  • atomicWAR
    hotaru251 said:
    wonder if this would allow people to make custom bios (and thus allow OC on non k series)

    Base clock OC could/should well be. Using a multipler not so much, that's on a silcon level if I recall correctly.
    Reply
  • DavidLejdar
    Then again, Alder Lake is so 2021, which in the IT world is like bread from August. Joke of course, coming from someone writing this with an i5-4570.

    Seriously though, stories like these show why it is good to keep on top of knowing which BIOS/UEFI version one has and how to update it, especially if an network-admin, etc. E.g. less than a year ago there was an update fixing issues with some Intel CPUs, and around the same time AMD also had a patch fixing an issue for some CPUs (in this case a drivers patch).

    Which isn't to say that the leak surely means that a security flaw has been exposed. For all we know, it may be just some instructions like one gets when assembling some furniture piece. But if a flaw gets exposed, it is likely to get addressed, and up to users though to implement the fix, in particular on a level which doesn't come with automatic updates.
    Reply
  • palladin9479
    Having source code doesn't lead to hackers suddenly knowing how to get inside, they could already figure that out by just bashing against a binary. What this does is let custom ROM folks have an idea on how to build custom roms for this platform, which enables features that Intel and MB makers wouldn't want enabled.
    Reply
  • jp7189
    Even if this does lead to an outright vulnerability, it will likely give tools or clues to malware creators. Firmware malware is an increasing problem.
    Reply
  • PC Hardware Nerd
    It will be interesting to see if this turns out to be genuine and whether or not it allows for significant performance improvements in lower end hardware.
    Reply
  • Mpablo87
    I think it Will be better to install ! ! ! ! !

    Good Idea ! ! ! !
    Reply