Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde kernel 5.4 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv3
CVE-2022-31243
Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for ...
Insyde Kernel
6.4
CVSSv3
CVE-2022-33907
DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe...
Insyde Kernel
7
CVSSv3
CVE-2022-33983
DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressLegacy driver...
Insyde Kernel
7
CVSSv3
CVE-2022-33909
DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could cau...
Insyde Kernel
8.2
CVSSv3
CVE-2022-30772
Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by ma...
Insyde Kernel
7.5
CVSSv3
CVE-2022-30283
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an malicious user to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a wo...
Insyde Kernel
6.4
CVSSv3
CVE-2022-32266
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI hand...
Insyde Kernel
4.7
CVSSv3
CVE-2022-24351
TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version prior to 05.44.13, and Kernel 5.5 before version 05.52.13 allows an malicious user to alter data and code used by the remainder ...
Insyde Insydeh2o
7.5
CVSSv3
CVE-2020-5956
An issue exists in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 prior to 05.15.11, 5.2 prior to 05.25.11, 5.3 prior to 05.34.11, and 5.4 prior to 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer.
Insyde Insydeh2o
9.8
CVSSv3
CVE-2021-41842
An issue exists in AtaLegacySmm in the kernel 5.0 prior to 05.08.46, 5.1 prior to 05.16.46, 5.2 prior to 05.26.46, 5.3 prior to 05.35.46, 5.4 prior to 05.43.46, and 5.5 prior to 05.51.45 in Insyde InsydeH2O. Code execution can occur because the SMI handler lacks a CommBuffer chec...
Insyde Insydeh2o
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »