6 matches found
EUVD-2023-26750
Malicious code in bioql PyPI...
Siemens InsydeH2O Out-of-bounds Write (CVE-2023-22614)
An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler. Insyde BIOS is typically used in...
CVE-2023-22614
An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...
Input validation
An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...
CVE-2023-22614
CVE-2023-22614 affects InsydeH2O (ChipsetSvcSmm) with kernel 5.0–5.5. The root cause is insufficient input validation in BIOS Guard updates, allowing a malformed BIOS Guard SMI to trigger memory corruption in SMM. The vulnerability is described across multiple sources (NVD, Red Hat, Tenable plugi...
CVE-2023-22614
An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler...