Insyde Kernel

Do you want an email whenever new security vulnerabilities are reported in Insyde Kernel?

By the Year

In 2024 there have been 0 vulnerabilities in Insyde Kernel . Last year Kernel had 1 security vulnerability published. Right now, Kernel is on track to have less security vulnerabilities in 2024 than it did last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	1	6.50
2022	26	7.27
2021	1	8.10
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Kernel vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Insyde Kernel Security Vulnerabilities

An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2023-28468 6.5 - Medium - August 03, 2023

An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The FvbServicesRuntimeDxe SMM module exposes an SMI handler that allows an attacker to interact with the SPI flash at run-time from the OS.

AuthZ

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2022-36337 8.2 - High - November 23, 2022

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code.

Memory Corruption

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2022-35407 7.8 - High - November 22, 2022

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the first, then the buffer will be overwritten. This issue affects the SetupUtility driver of InsydeH2O.

Memory Corruption

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2022-35897 6.8 - Medium - November 21, 2022

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally locked (read-only) at the OS level and therefore an attack would require direct SPI modification. If an attacker can change the values of at least two variables out of three (SecureBootEnforce, SecureBoot, RestoreBootSettings), it is possible to execute arbitrary code.

Memory Corruption

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM

CVE-2022-29276 8.2 - High - November 15, 2022

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version 05.17.18 Kernel 5.2: version 05.27.18 Kernel 5.3: version 05.36.18 Kernel 5.4: version 05.44.18 Kernel 5.5: version 05.52.18 https://www.insyde.com/security-pledge/SA-2022059

Memory Corruption

Incorrect pointer checks within the NvmExpressDxe driver can

CVE-2022-29278 8.2 - High - November 15, 2022

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version 05.17.23 Kernel 5.2: Version 05.27.23 Kernel 5.3: Version 05.36.23 Kernel 5.4: Version 05.44.23 Kernel 5.5: Version 05.52.23 https://www.insyde.com/security-pledge/SA-2022061

Improper Check for Unusual or Exceptional Conditions

Use of a untrusted pointer

CVE-2022-29279 8.2 - High - November 15, 2022

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.17 Kernel 5.1: version 05.17.17 Kernel 5.2: version 05.27.17 Kernel 5.3: version 05.36.17 Kernel 5.4: version 05.44.17 Kernel 5.5: version 05.52.17 https://www.insyde.com/security-pledge/SA-2022062

Buffer Overflow

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions

CVE-2022-30771 8.2 - High - November 15, 2022

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in: Kernel 5.1: Version 05.17.25 Kernel 5.2: Version 05.27.25 Kernel 5.3: Version 05.36.25 Kernel 5.4: Version 05.44.25 Kernel 5.5: Version 05.52.25 https://www.insyde.com/security-pledge/SA-2022064

Memory Corruption

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory

CVE-2022-30772 8.2 - High - November 15, 2022

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrite SMRAM or OS kernel memory. This issue was discovered by Insyde engineering during a security review. This issue is fixed in: Kernel 5.0: 05.09.41 Kernel 5.1: 05.17.43 Kernel 5.2: 05.27.30 Kernel 5.3: 05.36.30 Kernel 5.4: 05.44.30 Kernel 5.5: 05.52.30 https://www.insyde.com/security-pledge/SA-2022065

Memory Corruption

In UsbCoreDxe, untrusted input may

CVE-2022-29275 8.2 - High - November 15, 2022

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 Kernel 5.2: version 05.27.21 Kernel 5.3: version 05.36.21 Kernel 5.4: version 05.44.21 Kernel 5.5: version 05.52.21 https://www.insyde.com/security-pledge/SA-2022058

Buffer Overflow

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem

CVE-2022-30283 7.5 - High - November 15, 2022

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working buffer for USB transactions outside of SMRAM. The code which uses can be inside of SMM, making the working buffer untrusted input. The buffer can be corrupted by DMA transfers. The SMM code code attempts to sanitize pointers to ensure all pointers refer to the working buffer, but when a pointer is not found in the list of pointers to sanitize, the current action is not aborted, leading to undefined behavior. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in: Kernel 5.0: Version 05.09. 21 Kernel 5.1: Version 05.17.21 Kernel 5.2: Version 05.27.21 Kernel 5.3: Version 05.36.21 Kernel 5.4: Version 05.44.21 Kernel 5.5: Version 05.52.21 https://www.insyde.com/security-pledge/SA-2022063

TOCTTOU

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33984 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. This was fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022054

TOCTTOU

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack)

CVE-2022-30774 6.4 - Medium - November 15, 2022

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) . This issue was discovered by Insyde engineering during a security review. This iss was fixed in Kernel 5.2: 05.27.29, Kernel 5.3: 05.36.25, Kernel 5.4: 05.44.25, Kernel 5.5: 05.52.25. CWE-367 https://www.insyde.com/security-pledge/SA-2022043

TOCTTOU

Update description and links DMA transactions

CVE-2022-31243 6.4 - Medium - November 15, 2022

Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in Kernel 5.2: 05.27.21. Kernel 5.3: 05.36.21. Kernel 5.4: 05.44.21. Kernel 5.5: 05.52.21 https://www.insyde.com/security-pledge/SA-2022044

TOCTTOU

DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU attack) DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could cause SMRAM corruption through a TOCTOU attack

CVE-2022-32267 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU attack) DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could cause SMRAM corruption through a TOCTOU attack... This issue was discovered by Insyde engineering. Fixed in kernel Kernel 5.2: 05.27.23. Kernel 5.3: 05.36.23. Kernel 5.4: 05.44.23. Kernel 5.5: 05.52.23 https://www.insyde.com/security-pledge/SA-2022046

TOCTTOU

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attack)

CVE-2022-33905 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attack). DMA transactions which are targeted at input buffers used for the software SMI handler used by the AhciBusDxe driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group, Fixed in kernel 5.2: 05.27.23, kernel 5.3: 05.36.23, kernel 5.4: 05.44.23, kernel 5.5: 05.52.23 https://www.insyde.com/security-pledge/SA-2022047

TOCTTOU

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33906 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the FwBlockServiceSmm driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel 5.2: 05.27.23, 5.3: 05.36.23, 5.4: 05.44.23, 5.5: 05.52.23 https://www.insyde.com/security-pledge/SA-2022048

TOCTTOU

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33908 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdHostDriver driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022050

TOCTTOU

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33909 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cause SMRAM corruption through a TOCTOU attack..This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel Kernel 5.2: 05.27.23, Kernel 5.3: 05.36.23, Kernel 5.4: 05.44.23, Kernel 5.5: 05.52.23 https://www.insyde.com/security-pledge/SA-2022051

TOCTTOU

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33983 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressLegacy driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. This issue was fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022053

TOCTTOU

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack

CVE-2022-33986 6.4 - Medium - November 15, 2022

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. DMA attacks on the parameter buffer used by the software SMI handler used by the driver VariableRuntimeDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. This issue was discovered by Insyde engineering during a security review. This issue is fixed in Kernel 5.4: 05.44.23 and Kernel 5.5: 05.52.23. CWE-367 CWE-367 Report at: https://www.insyde.com/security-pledge/SA-2022056

TOCTTOU

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33985 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressDxe driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. This issue was fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022055

TOCTTOU

DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33907 6.4 - Medium - November 14, 2022

DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25 https://www.insyde.com/security-pledge/SA-2022049

TOCTTOU

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM

CVE-2022-33982 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. This issue was discovered by Insyde engineering during a security review. This issue is fixed in Kernel 5.2: 05.27.23, Kernel 5.3: 05.36.23, Kernel 5.4: 05.44.23 and Kernel 5.5: 05.52.23 CWE-367

TOCTTOU

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields

CVE-2022-32266 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. The attack would require detailed knowledge of the PCD database contents on the current platform. This issue was discovered by Insyde engineering during a security review. This issue is fixed in Kernel 5.3: 05.36.23, Kernel 5.4: 05.44.23, Kernel 5.5: 05.52.23. Kernel 5.2 is unaffected. CWE-787 An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the parameter buffer that is used by a software SMI handler (used by the PcdSmmDxe driver) could lead to a TOCTOU race-condition attack on the SMI handler, and lead to corruption of other ACPI fields and adjacent memory fields. The attack would require detailed knowledge of the PCD database contents on the current platform.

Memory Corruption

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack)

CVE-2022-30773 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack). DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack). This issue was discovered by Insyde engineering. This issue is fixed in Kernel 5.4: 05.44.23 and Kernel 5.5: 05.52.23. CWE-367

TOCTTOU

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

CVE-2021-38578 9.8 - Critical - March 03, 2022

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

Memory Corruption

NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.

CVE-2021-38575 8.1 - High - December 01, 2021

NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.

Buffer Overflow

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Insyde Kernel or by Insyde? Click the Watch button to subscribe.

Insyde
Vendor

Insyde Kernel
Product

Insyde Kernel

By the Year

Recent Insyde Kernel Security Vulnerabilities

An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 CVE-2023-28468 6.5 - Medium - August 03, 2023

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5 CVE-2022-36337 8.2 - High - November 23, 2022

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5 CVE-2022-35407 7.8 - High - November 22, 2022

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5 CVE-2022-35897 6.8 - Medium - November 21, 2022

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM CVE-2022-29276 8.2 - High - November 15, 2022

Incorrect pointer checks within the NvmExpressDxe driver can CVE-2022-29278 8.2 - High - November 15, 2022

Use of a untrusted pointer CVE-2022-29279 8.2 - High - November 15, 2022

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions CVE-2022-30771 8.2 - High - November 15, 2022

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory CVE-2022-30772 8.2 - High - November 15, 2022

In UsbCoreDxe, untrusted input may CVE-2022-29275 8.2 - High - November 15, 2022

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem CVE-2022-30283 7.5 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack CVE-2022-33984 7 - High - November 15, 2022

Update description and links DMA transactions CVE-2022-31243 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attack) CVE-2022-33905 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack CVE-2022-33906 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack CVE-2022-33908 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack CVE-2022-33909 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack CVE-2022-33983 7 - High - November 15, 2022

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack CVE-2022-33986 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack CVE-2022-33985 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack CVE-2022-33907 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM CVE-2022-33982 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields CVE-2022-32266 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) CVE-2022-30773 6.4 - Medium - November 14, 2022

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. CVE-2021-38578 9.8 - Critical - March 03, 2022

NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. CVE-2021-38575 8.1 - High - December 01, 2021

Stay on top of Security Vulnerabilities

Insyde Vendor

Insyde KernelProduct

An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2023-28468 6.5 - Medium - August 03, 2023

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2022-36337 8.2 - High - November 23, 2022

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2022-35407 7.8 - High - November 22, 2022

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5

CVE-2022-35897 6.8 - Medium - November 21, 2022

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM

CVE-2022-29276 8.2 - High - November 15, 2022

Incorrect pointer checks within the NvmExpressDxe driver can

CVE-2022-29278 8.2 - High - November 15, 2022

Use of a untrusted pointer

CVE-2022-29279 8.2 - High - November 15, 2022

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions

CVE-2022-30771 8.2 - High - November 15, 2022

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory

CVE-2022-30772 8.2 - High - November 15, 2022

In UsbCoreDxe, untrusted input may

CVE-2022-29275 8.2 - High - November 15, 2022

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem

CVE-2022-30283 7.5 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33984 7 - High - November 15, 2022

Update description and links DMA transactions

CVE-2022-31243 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attack)

CVE-2022-33905 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33906 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33908 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33909 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33983 7 - High - November 15, 2022

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack

CVE-2022-33986 6.4 - Medium - November 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33985 7 - High - November 15, 2022

DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack

CVE-2022-33907 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM

CVE-2022-33982 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields

CVE-2022-32266 6.4 - Medium - November 14, 2022

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack)

CVE-2022-30773 6.4 - Medium - November 14, 2022

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

CVE-2021-38578 9.8 - Critical - March 03, 2022

NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.

CVE-2021-38575 8.1 - High - December 01, 2021

Insyde
Vendor

Insyde Kernel
Product