Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-32473)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non- SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMM...

Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-32476)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non- SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-32478)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non- SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

Siemens InsydeH2O Time-of-check Time-of-use Race Condition (CVE-2022-32477)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated...

CVE-2022-32477

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated...

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated...

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

CVE-2022-32476

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

CVE-2022-32476

CVE-2022-32476 affects InsydeInsydeH2O firmware (kernel 5.0–5.5). DMA-driven TOCTOU between SMM and non-SMM paths on AhciBusDxe shared buffer could corrupt SMRAM and enable privilege escalation. Mitigations documented: enable IOMMU protection for the ACPI runtime memory used by the command buffer...

CVE-2022-32478

CVE-2022-32478 concerns InsydeH2O firmware (kernel 5.0–5.5). A DMA-driven TOCTOU race in the IdeBusDxe shared buffer used by SMM and non-SMM code could lead to SMRAM corruption and privilege escalation. Documented mitigations include enabling IOMMU protection for the ACPI runtime memory that back...

CVE-2022-32473

CVE-2022-32473 affects InsydeH2O firmware (kernel 5.0–5.5). The issue is a TOCTOU race condition in a DMA path where the HddPassword shared buffer is accessed by SMM and non-SMM code, risking SMRAM corruption and privilege escalation. The underlying vulnerability arises from timing when the firmw...

CVE-2022-32474

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...