CVE-2024-36355

CVE-2024-36355 is an AMD SMM-related vulnerability: improper input validation in the System Management Mode (SMM) handler can enable a Ring0 attacker to write to SMRAM and alter execution flow during S3 wake, potentially allowing arbitrary code execution. Affected context appears in AMD EPYC/embe...

CVE-2024-36310

Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity...

EUVD-2021-20303

Malware in sbrugna...

EUVD-2023-57173

Malicious code in bioql PyPI...

CVE-2023-52548

Huawei Matebook D16Model: CREM-WXX9, BIOS: v2.26 Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM...

CVE-2023-0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

CVE-2023-0202

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

NVIDIA DGX 安全漏洞

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A security vulnerability exists in the NVIDIA DGX A100 SBIOS that originates from an attacker being able to modify arbitrary memory in SMRAM using the GenericSio and LegacySmmSredir SMM APIs, which could resu...

K45810018: Multiple Insyde BIOS/EFI vulnerabilities

Security Advisory Description CVE-2020-5953 A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can resu...

CVE-2022-34393

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...

CVE-2022-29278

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version...

PT-2022-19519 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel 5.0 versions prior to 05.09.17 Kernel 5.1 versions prior to 05.17.17 Kernel 5.2 versions prior to 05.27.17 Kernel 5.3 versions prior to 05.36.17 Kernel 5.4 versions prior to 05.44.17 Kernel 5.5 versions prior to 05.52.17 Description: T...

PT-2022-19515 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel 5.0 versions prior to 05.09.21 Kernel 5.1 versions prior to 05.17.21 Kernel 5.2 versions prior to 05.27.21 Kernel 5.3 versions prior to 05.36.21 Kernel 5.4 versions prior to 05.44.21 Kernel 5.5 versions prior to 05.52.21 Description: I...

PT-2022-21900 · Insyde · Sdhostdriver

Name of the Vulnerable Software and Affected Versions: SdHostDriver driver versions prior to kernel 5.2: 05.27.25 SdHostDriver driver versions prior to kernel 5.3: 05.36.25 SdHostDriver driver versions prior to kernel 5.4: 05.44.25 SdHostDriver driver versions prior to kernel 5.5: 05.52.25...

PT-2022-21944 · Insyde · Int15Servicesmm

Name of the Vulnerable Software and Affected Versions: Int15ServiceSmm software SMI handler versions prior to Kernel 5.2: 05.27.23 Int15ServiceSmm software SMI handler versions prior to Kernel 5.3: 05.36.23 Int15ServiceSmm software SMI handler versions prior to Kernel 5.4: 05.44.23 Int15ServiceSm...

CVE-2022-40262

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines VMs and bypassing memory isolation and...

CVE-2022-26873

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines VMs and bypassing memory isolation and...

Memory corruption

A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...

CVE-2022-26873

CVE-2022-26873 affects AMI Aptio 5.x PlatformInitAdvancedPreMem. The issue is described as a stack buffer overflow in PlatformInitAdvancedPreMem that can allow arbitrary code execution during the PEI phase, potentially enabling mitigation bypass, memory contents disclosure, VM secrets access, and...

CVE-2022-26873 The stack buffer overflow vulnerability in PlatformInitAdvancedPreMem leads to arbitrary code execution during PEI phase.

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines VMs and bypassing memory isolation and...