EUVD-2024-54546

Malicious code in bioql PyPI...

CVE-2024-52879

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver,...

CVE-2024-52879

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver,...

CVE-2024-52879

The CVE-2024-52879 issue affects Insyde InsydeH2O kernel variants 5.2–5.7, prior to 05.70.50. The root cause is in the VariableRuntimeDxe driver, where the SMM callback SmmUpdateVariablePropertySmi() uses StrCmp() to compare variable names, potentially causing a buffer over-read. Impact component...

PT-2025-17632 · Insyde · Insydeh2O

Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O kernel versions 5.2 through 5.7 before version 05.70.50 Description: An issue was discovered in the InsydeH2O kernel, where the SmmUpdateVariablePropertySmi function, a SMM callback function in the VariableRuntimeDxe driver,...