CVE-2022-30771
Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in:...
CVE-2022-29278
Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version...
CVE-2022-29275
In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering. Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21; Kernel 5.1: versi...
PT-2022-19519 · Kernel · Kernel
Name of the Vulnerable Software and Affected Versions: Kernel 5.0 versions prior to 05.09.17; Kernel 5.1 versions prior to 05.17.17; Kernel 5.2 versions prior to 05.27.17; Kernel 5.3 versions prior to 05.36.17; Kernel 5.4 versions prior to 05.44.17; Kernel 5.5 versions prior to 05.52.17. Description: T...
PT-2022-19515 · Kernel · Kernel
Name of the Vulnerable Software and Affected Versions: Kernel 5.0 versions prior to 05.09.21; Kernel 5.1 versions prior to 05.17.21; Kernel 5.2 versions prior to 05.27.21; Kernel 5.3 versions prior to 05.36.21; Kernel 5.4 versions prior to 05.44.21; Kernel 5.5 versions prior to 05.52.21. Description: I...
PT-2022-19516 · Insyde · Ahcibusdxe
Name of the Vulnerable Software and Affected Versions: AhciBusDxe versions prior to 05.09.18; AhciBusDxe versions prior to 05.17.18; AhciBusDxe versions prior to 05.27.18; AhciBusDxe versions prior to 05.36.18; AhciBusDxe versions prior to 05.44.18; AhciBusDxe versions prior to 05.52.18. Description: S...
PT-2022-34969 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the blk-mq elevator switch when reinitializing queues. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-35025 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.3 Description: The issue is related to the x86/apic component, specifically concerning the handling of x2APIC. The problem arises when x2APIC is not properly disabled if it is locked. This could potentially...
PT-2022-35305 · Marvell · Marvell Octeontx
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue is related to preventing integer overflows in the crypto module of the Marvell OcteonTX driver. The actual impact and attack plausibility have not yet been proven. Recommendations...
PT-2022-21897 · Insyde · Ahcibusdxe
Name of the Vulnerable Software and Affected Versions: AhciBusDxe driver versions prior to kernel 5.2: 05.27.23; AhciBusDxe driver versions prior to kernel 5.3: 05.36.23; AhciBusDxe driver versions prior to kernel 5.4: 05.44.23; AhciBusDxe driver versions prior to kernel 5.5: 05.52.23. Description: T...
PT-2022-21947 · Insyde · Nvmexpressdxe
Name of the Vulnerable Software and Affected Versions: NvmExpressDxe driver versions prior to kernel 5.2: 05.27.25; NvmExpressDxe driver versions prior to kernel 5.3: 05.36.25; NvmExpressDxe driver versions prior to kernel 5.4: 05.44.25; NvmExpressDxe driver versions prior to kernel 5.5: 05.52.25...
PT-2022-35180 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.2 Description: The issue is related to BSS refcounting bugs in the cfg80211 component of the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kern...
PT-2022-35715 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.33 through 4.19.263 Description: The issue is related to a use-after-free (UAF) problem in the nfqnl nf hook drop function when ops init fails. This problem was introduced in version v2.6.33 and is fixed in version...
PT-2022-35210 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v4.17 through v5.15.76 Description: A null pointer dereference issue was discovered in the tipc topsrv accept function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kerne...
PT-2022-20307 · Insyde · Ihisismm Driver
Name of the Vulnerable Software and Affected Versions: IhisiSmm driver versions prior to Kernel 5.4: 05.44.23; IhisiSmm driver versions prior to Kernel 5.5: 05.52.23. Description: The issue allows DMA attacks on the parameter buffer used by the IhisiSmm driver to change the contents after parameter...
PT-2022-35539 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.10.94 through 5.10.149 Description: A null pointer dereference bug was identified. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions 5.10.94 through 5.10.149...
Linux kernel resource management error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 5.2 through 5.19.14 that stems from a use-after-free in the mac80211 stack when parsing multiple BSSID elements, whic...
PT-2022-34842 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.146 Description: The issue is related to the taprio component in the Linux Kernel, where offload can be disabled even if it was never enabled. The actual impact and attack plausibility have not yet been...
PT-2022-34583 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.10 Description: The issue is related to the addition of RC code in the cc2520 tx function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...
CVE-2022-36448
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver...