Kernel Security Vulnerabilities and Issues — Kernel CVE List

Lucene search

InsydeKernel

8 matches found

CVE•added 2021/12/01 6:15 p.m.•86 views

CVE-2021-38575

NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.

8.1CVSS7.9AI score0.00607EPSS

CVE•added 2022/11/15 9:15 p.m.•65 views

CVE-2022-29275

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version...

8.2CVSS8.3AI score0.00045EPSS

CVE•added 2022/11/15 10:15 p.m.•62 views

CVE-2022-29278

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version 05.1...

8.2CVSS8.1AI score0.00044EPSS

CVE•added 2022/11/15 9:15 p.m.•62 views

CVE-2022-30772

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrite ...

8.2CVSS7.6AI score0.00044EPSS

CVE•added 2022/11/15 10:15 p.m.•60 views

CVE-2022-29279

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version...

8.2CVSS8.1AI score0.00044EPSS

CVE•added 2022/11/15 10:15 p.m.•57 views

CVE-2022-29276

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version 05.17.18 Ke...

8.2CVSS8.2AI score0.00044EPSS

CVE•added 2022/11/23 3:15 a.m.•56 views

CVE-2022-36337

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code.

8.2CVSS8.3AI score0.00094EPSS

CVE•added 2022/11/15 9:15 p.m.•44 views

CVE-2022-30771

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in: Kern...

8.2CVSS8.2AI score0.00044EPSS