2 matches found
The vulnerability of the ChipsetSvcSmm component in the InsydeH2O UEFI firmware creation framework allows a attacker to cause memory corruption.
The vulnerability of the ChipsetSvcSmm component in the InsydeH2O UEFI firmware development framework is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause memory corruption...
CVE-2022-35896
An issue SMM memory leak vulnerability in SMM driver SMRAM was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An attacker can dump SMRAM contents via the software SMI provided by the FvbServicesRuntimeDxe driver to read the contents of SMRAM, leading to information disclosure...