3 matches found
CVE-2022-33909
DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corrupti...
CVE-2022-33909
DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corrupti...
CVE-2022-33909
CVE-2022-33909 is a TOCTOU-related DMA vulnerability affecting the HddPassword SMI handler in InsydeH2O firmware. The issue arises from DMA transactions targeting input buffers used by the software SMI handler, potentially allowing SMRAM corruption. Public documentation confirms a fix was applied...