610 matches found
CVE-2023-0202
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...
CVE-2023-0202
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...
NVIDIA DGX 安全漏洞
NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A security vulnerability exists in the NVIDIA DGX A100 SBIOS that originates from an attacker being able to modify arbitrary memory in SMRAM using the GenericSio and LegacySmmSredir SMM APIs, which could resu...
PT-2023-16085 · Nvidia · Nvidia Dgx A100 Sbios
Name of the Vulnerable Software and Affected Versions: NVIDIA DGX A100 SBIOS affected versions not specified Description: The issue allows an attacker to modify arbitrary memory of SMRAM by exploiting the NVME SMM API, potentially leading to denial of service, escalation of privileges, and...
CVE-2023-22616
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM...
Input validation
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM...
CVE-2023-22616
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM...
CVE-2023-22616
An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM...
CVE-2023-22616
CVE-2023-22616 affects Insyde InsydeH2O BIOS (kernel 5.2–5.5) with the IhisiSmm driver failing to validate the Save State register before use, enabling potential SMRAM corruption due to insufficient input validation. The documents specify the vulnerability and impact but do not provide an explici...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O versions 5.0 to 5.5, which stems from a...
Memory corruption
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption...
CVE-2023-22615
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM...
CVE-2023-22615
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM...
Code injection
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM...
CVE-2023-22615
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM...
CVE-2023-22613
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption...
CVE-2023-22615
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI subfunction execution may corrupt SMRAM. An attacker can pass an address in the RCX save state register that overlaps SMRAM, thereby coercing an IHISI subfunction handler to overwrite private SMRAM...
CVE-2023-22615
CVE-2023-22615 affects Insyde InsydeH2O’s IhisiSmm subsystem (kernel 5.0–5.5). The root cause is a flaw in IHISI state handling that allows an attacker to pass an address in the RCX save state register that overlaps SMRAM, causing an IHISI subfunction handler to overwrite private SMRAM. This can ...
K45810018: Multiple Insyde BIOS/EFI vulnerabilities
Security Advisory Description CVE-2020-5953 A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can resu...
Dell BIOS Input Validation Error Vulnerability (CNVD-2023-14506)
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which stems from incorrect input validation. An attacker could use the SMI Serial Interface to execute arbitrary code in SMRAM...