Guest Initiated Machine Check Errors

Summary AMD received a report from the security team at Amazon Web Services AWS indicating that it may be possible for guest VMs to cause a crash of a host system. By flooding the host system with a large number of malformed System Management Interrupts SMIs, it may be possible for a guest VM to...

The vulnerability of the SwSmiInputValue() function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, allows attackers to circumvent security restrictions, gain elevated privileges, and execute arbitrary code.

The vulnerability of the SwSmiInputValue function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, is related to the use of an unreliable pointer. Exploiting this vulnerability can allow attackers to bypass security restrictions, gain elevated...

The vulnerability of the SwSmiInputValue() function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, allows attackers to circumvent security restrictions, gain elevated privileges, and execute arbitrary code.

The vulnerability of the SwSmiInputValue function, a handler for System Management Interrupts in Gigabyte’s microprogramming motherboard software, is related to the use of an unreliable pointer. Exploiting this vulnerability can allow attackers to bypass security restrictions, gain elevated...

Insyde InsydeH2O 缓冲区错误漏洞

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O 5.1 to 5.5, which stems from an...

PT-2022-19516 · Insyde · Ahcibusdxe

Name of the Vulnerable Software and Affected Versions: AhciBusDxe versions prior to 05.09.18 AhciBusDxe versions prior to 05.17.18 AhciBusDxe versions prior to 05.27.18 AhciBusDxe versions prior to 05.36.18 AhciBusDxe versions prior to 05.44.18 AhciBusDxe versions prior to 05.52.18 Description: S...

Dell BIOS 安全漏洞

Dell BIOS is embedded software on a small memory chip on the motherboard of a computer from Dell USA. A buffer overflow vulnerability exists in Dell BIOS, which can be exploited by an authenticated, local attacker to execute intentional code in SMRAM using SMI...

CVE-2022-26859

Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM...

Dell BIOS 缓冲区错误漏洞

Dell BIOS is embedded software on a small memory chip SMM on a computer motherboard from Dell, Inc. A security vulnerability exists in Dell BIOS, which stems from the inclusion of a stack-based buffer overflow vulnerability that can be exploited by a local attacker by sending malicious input via...

Dell Bios 输入验证错误漏洞

Dell Bios is embedded software on a small memory chip on the motherboard of a computer from Dell USA. A security vulnerability exists in Dell BIOS that stems from incorrect input validation of the software. A locally authenticated attacker could use this vulnerability to potentially exploit the...

CVE-2022-21933

ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt SMI to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service...