Siemens InsydeH2O Improper Input Validation (CVE-2020-27339)

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and...

CVE-2020-27339

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and...

Code injection

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the CommBuffer and CommBufferSize parameters, allowing callers to corrupt either the firmware or the OS memory. The fixed versions for this issue in the AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, and...

CVE-2020-27339

CVE-2020-27339 affects InsydeH2O kernel 5.x, where several SMM drivers (AhciBusDxe, IdeBusDxe, NvmExpressDxe, SdHostDriverDxe, SdMmcDeviceDxe) fail to validate the CommBuffer and CommBufferSize, allowing memory corruption of firmware or OS memory. The issue is fixed in kernel 5.1–5.5 with specifi...