Lucene search
K

8 matches found

OSV
OSV
added 2023/02/15 3:15 a.m.5 views

CVE-2022-32476

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS6AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2022/11/15 10:15 p.m.4 views

CVE-2022-29276

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version 05.17.18...

8.2CVSS5.8AI score0.00193EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/15 12:0 a.m.6 views

PT-2022-19516 · Insyde · Ahcibusdxe

Name of the Vulnerable Software and Affected Versions: AhciBusDxe versions prior to 05.09.18 AhciBusDxe versions prior to 05.17.18 AhciBusDxe versions prior to 05.27.18 AhciBusDxe versions prior to 05.36.18 AhciBusDxe versions prior to 05.44.18 AhciBusDxe versions prior to 05.52.18 Description: S...

8.2CVSS8.2AI score0.00193EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.7 views

PT-2022-21897 · Insyde · Ahcibusdxe

Name of the Vulnerable Software and Affected Versions: AhciBusDxe driver versions prior to kernel 5.2: 05.27.23 AhciBusDxe driver versions prior to kernel 5.3: 05.36.23 AhciBusDxe driver versions prior to kernel 5.4: 05.44.23 AhciBusDxe driver versions prior to kernel 5.5: 05.52.23 Description: T...

7CVSS6.8AI score0.00132EPSS
Exploits0References3
OSV
OSV
added 2022/02/03 2:15 a.m.5 views

CVE-2022-24030

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM...

7.5CVSS7.3AI score0.00302EPSS
Exploits0References5
OSV
OSV
added 2022/02/03 2:15 a.m.2 views

CVE-2021-41841

An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere...

8.2CVSS6AI score
Exploits0References5
OSV
OSV
added 2022/02/03 12:15 a.m.2 views

CVE-2022-24069

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to hijack the execution flow of code running in...

8.2CVSS5.9AI score
Exploits0References4
OSV
OSV
added 2022/01/05 11:15 p.m.3 views

CVE-2021-45969

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...

8.2CVSS6AI score0.00279EPSS
Exploits0References4
Rows per page
Query Builder