Lucene search
K

132 matches found

NVD
NVD
added 2023/02/15 3:15 a.m.43 views

CVE-2022-32473

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS7.4AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2023/02/15 3:15 a.m.20 views

CVE-2022-32476

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS7.4AI score0.00132EPSS
Exploits0References2
Prion
Prion
added 2023/02/15 3:15 a.m.21 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

3.5CVSS7.2AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/15 3:15 a.m.21 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

3.5CVSS7.7AI score0.00132EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/02/15 2:15 a.m.23 views

Race condition

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU...

3.5CVSS7.2AI score0.00132EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.33 views

CVE-2022-32470

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using...

7.5AI score0.00132EPSS
Exploits0References2
CVE
CVE
added 2023/02/15 12:0 a.m.72 views

CVE-2022-32471

CVE-2022-32471 affects InsydeH2O IhisiSmm via the IhisiDxe driver. The command buffer is used to pass input/output data; DMA can modify the command buffer contents after input checks but before use, potentially altering SMRAM or OS and causing data corruption or privilege escalation. Affected is ...

7CVSS7.3AI score0.00132EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/15 12:0 a.m.71 views

CVE-2022-32953

CVE-2022-32953 affects Insyde InsydeH2O BIOS (kernel 5.0–5.5). DMA-based TOCTOU on the SdHostDriver buffer in SMM and non-SMM code could corrupt SMRAM and escalate privileges. Mitigations per the sources include enabling IOMMU protection for the ACPI runtime memory used for the command buffer and...

7CVSS7.3AI score0.00132EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/15 12:0 a.m.79 views

CVE-2022-32954

The CVE-2022-32954 issue affects Insyde InsydeH2O BIOS (kernel 5.1–5.5). Description and connected sources confirm a TOCTOU race condition via DMA on SdMmcDevice buffer used by SMM and non-SMM code, risking SMRAM corruption and privilege escalation. Impacts are locally exploitable and context-spe...

7CVSS7.3AI score0.00132EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/15 12:0 a.m.76 views

CVE-2022-32478

CVE-2022-32478 concerns InsydeH2O firmware (kernel 5.0–5.5). A DMA-driven TOCTOU race in the IdeBusDxe shared buffer used by SMM and non-SMM code could lead to SMRAM corruption and privilege escalation. Documented mitigations include enabling IOMMU protection for the ACPI runtime memory that back...

7CVSS7.3AI score0.00132EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.37 views

CVE-2022-32474

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigat...

7.5AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 10:15 p.m.38 views

CVE-2022-29279

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: versi...

8.2CVSS0.00193EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 10:15 p.m.23 views

CVE-2022-29278

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version...

8.2CVSS0.00193EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 10:15 p.m.32 views

CVE-2022-29276

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version 05.17.18...

8.2CVSS0.00193EPSS
Exploits0References2
Prion
Prion
added 2022/11/15 10:15 p.m.25 views

Null pointer dereference

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: versi...

4CVSS8.1AI score0.00193EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/15 10:15 p.m.23 views

Null pointer dereference

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version...

4CVSS8.2AI score0.00193EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/11/15 9:15 p.m.35 views

CVE-2022-29275

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: versi...

8.2CVSS0.00193EPSS
Exploits0References2
NVD
NVD
added 2022/11/15 9:15 p.m.27 views

CVE-2022-30771

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in:...

8.2CVSS0.00193EPSS
Exploits0References2
Prion
Prion
added 2022/11/15 9:15 p.m.19 views

Design/Logic Flaw

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in:...

4CVSS8.1AI score0.00193EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/11/15 9:15 p.m.20 views

Buffer overflow

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working buffer for USB...

3.4CVSS8.3AI score0.00135EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder