3 matches found
CVE-2024-52879
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver,...
CVE-2024-52879
The CVE-2024-52879 issue affects Insyde InsydeH2O kernel variants 5.2–5.7, prior to 05.70.50. The root cause is in the VariableRuntimeDxe driver, where the SMM callback SmmUpdateVariablePropertySmi() uses StrCmp() to compare variable names, potentially causing a buffer over-read. Impact component...
CVE-2024-52879
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver,...