Vulnerability in UEFI firmware modules prevents IOMMU initialization on some UEFI-based motherboards

Overview A newly identified vulnerability in some UEFI-supported motherboard models leaves systems vulnerable to early-boot DMA attacks across architectures that implement UEFI and IOMMU. Although the firmware indicates that DMA protection is active, it fails to correctly initialize the IOMMU...

EUVD-2022-52598

Malicious code in bioql PyPI...

EUVD-2022-37016

Malicious code in bioql PyPI...

EUVD-2022-53463

Malicious code in bioql PyPI...

EUVD-2022-35548

Malicious code in bioql PyPI...

EUVD-2022-35545

Malicious code in bioql PyPI...

EUVD-2022-36019

Malicious code in bioql PyPI...

EUVD-2022-35541

Malicious code in bioql PyPI...

EUVD-2022-35542

Malicious code in bioql PyPI...

EUVD-2022-35550

Malicious code in bioql PyPI...

EUVD-2022-35547

Malicious code in bioql PyPI...

EUVD-2022-36020

Malicious code in bioql PyPI...

EUVD-2022-36021

Malicious code in bioql PyPI...

EUVD-2022-52597

Malicious code in bioql PyPI...

EUVD-2022-37020

Malicious code in bioql PyPI...

EUVD-2022-35549

Malicious code in bioql PyPI...

EUVD-2022-52236

Malicious code in bioql PyPI...

CVE-2022-32266

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI handler used by the...

CVE-2022-32470

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using...

CVE-2022-33982

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lead to a TOCTOU...