Lucene search

[email protected]NVD:CVE-2023-40238

HistoryDec 07, 2023 - 4:15 a.m.

CVE-2023-40238

2023-12-0704:15:06

CWE-312

[email protected]

web.nvd.nist.gov

logofail

bmpdecoderdxe

insydeh2o

kernel 5.x

lenovo

image parsing

uefi

integer signedness error

rle4

rle8

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

15.6%

JSON

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address during the DXE phase of UEFI execution. This occurs because of an integer signedness error involving PixelHeight and PixelWidth during RLE4/RLE8 compression.

Affected configurations

Nvd

Node

insydeinsydeh2oRange5.2–5.2.05.28.47

insydeinsydeh2oRange5.3–5.3.05.37.47

insydeinsydeh2oRange5.4–5.4.05.45.47

insydeinsydeh2oRange5.5–5.5.05.53.47

insydeinsydeh2oRange5.6–5.6.05.60.47

VendorProductVersionCPE
insydeinsydeh2o*cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
insyde	insydeh2o	*	cpe:2.3:a:insyde:insydeh2o::::::::

References

binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html

security.netapp.com/advisory/ntap-20240105-0002/

www.insyde.com/security-pledge

www.insyde.com/security-pledge/SA-2023053

www.kb.cert.org/vuls/id/811862

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

15.6%

JSON

Related for NVD:CVE-2023-40238

prion1 cve1 cvelist1 cert1 hp1