Lucene search
K

81 matches found

NVD
NVD
added 2022/11/15 10:15 p.m.38 views

CVE-2022-29279

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: versi...

8.2CVSS0.00193EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 10:15 p.m.32 views

CVE-2022-29276

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version 05.17.18...

8.2CVSS0.00193EPSS
Exploits0References2
Prion
Prion
added 2022/11/15 10:15 p.m.25 views

Null pointer dereference

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: versi...

4CVSS8.1AI score0.00193EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/15 10:15 p.m.23 views

Null pointer dereference

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version...

4CVSS8.2AI score0.00193EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/11/15 9:15 p.m.35 views

CVE-2022-29275

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: versi...

8.2CVSS0.00193EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 9:15 p.m.27 views

CVE-2022-30771

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in:...

8.2CVSS0.00193EPSS
Exploits0References2
Prion
Prion
added 2022/11/15 9:15 p.m.19 views

Design/Logic Flaw

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in:...

4CVSS8.1AI score0.00193EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/15 9:15 p.m.20 views

Buffer overflow

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working buffer for USB...

3.4CVSS8.3AI score0.00135EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/11/15 12:15 a.m.31 views

CVE-2022-33984

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corrupti...

7CVSS0.00151EPSS
Exploits0References3
NVD
NVD
added 2022/11/15 12:15 a.m.31 views

CVE-2022-33909

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corrupti...

7CVSS0.00132EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 12:15 a.m.20 views

CVE-2022-33985

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressDxe driver could cause SMRAM...

7CVSS0.00132EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 12:15 a.m.27 views

CVE-2022-33983

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressLegacy driver could cause SMRA...

7CVSS0.00158EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 12:15 a.m.23 views

CVE-2022-30774

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used a TOCTOU attack DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checke...

6.4CVSS0.00151EPSS
Exploits0References3
Prion
Prion
added 2022/11/15 12:15 a.m.21 views

Code injection

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used a TOCTOU attack DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checke...

3.4CVSS6.6AI score0.00151EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/11/15 12:15 a.m.22 views

Design/Logic Flaw

DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption a TOCTOU attack DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could cause SMRAM...

3.4CVSS6.4AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/15 12:15 a.m.27 views

Memory corruption

Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for the software SMI handl...

3.4CVSS6.6AI score0.00151EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/11/15 12:15 a.m.25 views

Hardcoded credentials

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdHostDriver driver could cause SMRAM...

3.5CVSS6.8AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/15 12:15 a.m.22 views

Design/Logic Flaw

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corrupti...

3.5CVSS6.8AI score0.00151EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/11/15 12:15 a.m.22 views

Information disclosure

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressDxe driver could cause SMRAM...

3.5CVSS6.8AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/15 12:15 a.m.18 views

Design/Logic Flaw

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corrupti...

3.5CVSS6.8AI score0.00132EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder