66 matches found
CVE-2021-33627
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOC...
CVE-2021-33627
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOC...
CVE-2021-42059
CVE-2021-42059 affects Insyde InsydeH2O Kernel 5.0 (before 05.08.41), 5.1 (before 05.16.41), 5.2 (before 05.26.41), 5.3 (before 05.35.41), and 5.4 (before 05.42.20). The issue is a stack-based buffer overflow in the UEFI DisplayTypeDxe DXE driver that leads to arbitrary code execution. The vulner...
CVE-2021-43522
An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 2021-11-08, 5.2 through 2021-11-08, and 5.3 through 2021-11-08. A StorageSecurityCommandDxe SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to...
PT-2022-10274 · Insyde · Insydeh2O Kernel
Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O Kernel versions 5.0 through 5.0 before 05.09.11 Insyde InsydeH2O Kernel versions 5.1 through 5.1 before 05.17.11 Insyde InsydeH2O Kernel versions 5.2 through 5.2 before 05.27.11 Insyde InsydeH2O Kernel versions 5.3 through 5....
Buffer overflow
An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not sufficient...