4 matches found
CVE-2025-7029
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used to derive pointers OcHeader, OcData passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory...
CVE-2025-7029
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used to derive pointers OcHeader, OcData passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory...
CVE-2025-7029 SMM Arbitrary Write via Unchecked OcHeader Buffer in Platform Configuration Handler
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used to derive pointers OcHeader, OcData passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory...
CVE-2025-7029
CVE-2025-7029 affects Gigabyte UEFI firmware via the Software SMI handler SwSmiInputValue 0xB2. The vulnerability lets an attacker locally control the RBX-derived pointers (OcHeader, OcData) used in power/thermal configuration, enabling arbitrary SMRAM writes and potential SMM privilege escalatio...