26 matches found
PT-2022-20634 · Insyde · Fvbservicesruntimedxe
Name of the Vulnerable Software and Affected Versions: FvbServicesRuntimeDxe driver versions prior to Kernel 5.2: 05.27.21 FvbServicesRuntimeDxe driver versions prior to Kernel 5.3: 05.36.21 FvbServicesRuntimeDxe driver versions prior to Kernel 5.4: 05.44.21 FvbServicesRuntimeDxe driver versions...
CVE-2022-36448
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver...
CVE-2022-36448
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver...
Insyde InsydeH2O 缓冲区错误漏洞
Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. The vulnerability can be exploited to read or write to or manipulate data in SMRAM, resulting in an...
CVE-2021-45970
An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not sufficient...
CVE-2020-5956
CVE-2020-5956 affects InsydeInsydeH2O SdLegacySmm: SMI handler in the BIOS/UEFI code does not verify CommBuffer, allowing untrusted input. Affected when kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, or 5.4 before 05.42.11. Documented impact includes partial integrity and n...