Lucene search
K

83 matches found

CVE
CVE
added 2022/11/14 12:0 a.m.71 views

CVE-2022-30774

CVE-2022-30774 describes a TOCTOU vulnerability in the parameter buffer used by the PnpSmm driver, enabling DMA to modify contents after parameter values are checked but before use. Documented for Siemens RuggedCom APE1808 products with InsydeH2O UEFI firmware, the CVSS base score is 6.4 (AV:L/AC...

6.4CVSS6.5AI score0.00151EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/11/14 12:0 a.m.70 views

CVE-2022-33907

CVE-2022-33907 describes a TOCTOU vulnerability in the SMI handler input buffers of the InsydeH2O IdeBusDxe driver. DMA accesses targeting these buffers could lead to SMRAM corruption. The issue is recorded with a base CVSSv3.1 base score of 6.4 (LOCAL, HIGH complexity, HIGH privileges required) ...

6.4CVSS6.4AI score0.00151EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/11/14 12:0 a.m.74 views

CVE-2022-33983

CVE-2022-33983 describes a TOCTOU DMA attack affecting the NvmExpressLegacy SMI handler used by the NvmExpressLegacy driver, potentially enabling SMRAM corruption. The issue is triggered by DMA transactions targeting input buffers for the software SMI handler, with the root cause tied to TOCTOU c...

7CVSS6.9AI score0.00158EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.27 views

CVE-2022-32267

DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption a TOCTOU attack DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could cause SMRAM...

6.7AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.28 views

CVE-2022-33983

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressLegacy driver could cause SMRA...

7.1AI score0.00158EPSS
Exploits0References2
CVE
CVE
added 2022/11/14 12:0 a.m.69 views

CVE-2022-33906

TOCTOU vulnerability CVE-2022-33906 affects the input buffers used by the FwBlockServiceSmm software SMI handler in InsydeH2O UEFI firmware. DMA to these buffers can race with checks, potentially causing SMRAM corruption. Documented instances reference Siemens RuggedCom APE1808 platforms with Ins...

6.4CVSS6.4AI score0.00151EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.31 views

CVE-2022-33985

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressDxe driver could cause SMRAM...

7.1AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.25 views

CVE-2022-33909

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corrupti...

7.1AI score0.00132EPSS
Exploits0References2
CVE
CVE
added 2022/11/14 12:0 a.m.72 views

CVE-2022-32266

The connected records provide concrete details for CVE-2022-32266 affecting Insyde InsydeH2O. The vulnerability arises from DMA attacks against the parameter buffer used by the PcdSmmDxe software SMI handler, enabling a TOCTOU race condition that can corrupt other ACPI fields and adjacent memory....

6.4CVSS6.3AI score0.00174EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/11/14 12:0 a.m.70 views

CVE-2022-33984

The CVE-2022-33984 entry describes a TOCTOU DMA vulnerability affecting the SdMmcDevice SMI handler that can corrupt SMRAM. Connected sources expand to multiple TOCTOU flaws in Insyde-managed firmware (various SMI handlers such as SdHostDriver, FvbServicesRuntimeDxe, IdeBusDxe) with CVEs 2022-307...

7CVSS6.8AI score0.00151EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.31 views

CVE-2022-33984

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corrupti...

7.1AI score0.00151EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.30 views

CVE-2022-33908

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdHostDriver driver could cause SMRAM...

7.1AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.28 views

CVE-2022-33986

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. DMA attacks on the parameter buffer used by the software SMI handler used by the driver VariableRuntimeDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption...

6.6AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/14 12:0 a.m.34 views

CVE-2022-33905

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the AhciBusDxe driver could cause SMRAM corruption through...

7.1AI score0.00132EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/14 12:0 a.m.6 views

CVE-2022-30773

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used a TOCTOU attack. DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been...

7.1AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2022/09/02 9:48 p.m.6 views

USN-5595-1 linux-aws-5.4, linux-azure-5.4 vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the virtual terminal driver in the...

6.8CVSS6.9AI score0.00537EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/03/01 12:0 a.m.71 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9181)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9181 advisory. 5.4.17-2136.304.4.2 - netfilter: nftablesoffload: incorrect flow offload action array size Pablo Neira Ayuso Orabug: 33899500 CVE-2022-25636 Tenable has...

7.8CVSS7.2AI score0.02633EPSS
Exploits6References2
NVD
NVD
added 2022/02/03 2:15 a.m.41 views

CVE-2021-42554

An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. An SMM memory corruption vulnerability in FvbServicesRuntimeDxe allows a...

8.2CVSS0.00326EPSS
Exploits0References5
Prion
Prion
added 2022/02/03 2:15 a.m.26 views

Memory corruption

An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. An SMM memory corruption vulnerability in FvbServicesRuntimeDxe allows a...

7.2CVSS8.2AI score0.00326EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2022/01/05 11:15 p.m.21 views

Input validation

An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer...

5CVSS7.4AI score0.00806EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder