Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
insyde kernel 5.2 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv3
CVE-2022-32267
DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU attack) DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could ...
Insyde Kernel
6.4
CVSSv3
CVE-2022-31243
Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for ...
Insyde Kernel
6.4
CVSSv3
CVE-2022-33906
DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the FwBlockServiceSmm driv...
Insyde Kernel
6.4
CVSSv3
CVE-2022-30774
DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter valu...
Insyde Kernel
6.4
CVSSv3
CVE-2022-33982
DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lea...
Insyde Kernel
6.4
CVSSv3
CVE-2022-33907
DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe...
Insyde Kernel
6.4
CVSSv3
CVE-2022-32266
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI hand...
Insyde Kernel
5.5
CVSSv3
CVE-2023-40238
A LogoFAIL issue exists in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 prior to 05.28.47, 5.3 prior to 05.37.47, 5.4 prior to 05.45.47, 5.5 prior to 05.53.47, and 5.6 prior to 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a sp...
Insyde Insydeh2o
5.5
CVSSv3
CVE-2023-27471
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. E...
Insyde Insydeh2o 5.0
Insyde Insydeh2o 5.1
Insyde Insydeh2o 5.2
Insyde Insydeh2o 5.3
Insyde Insydeh2o 5.4
Insyde Insydeh2o 5.5
5.5
CVSSv3
CVE-2023-27373
An issue exists in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM.
Insyde Insydeh2o 5.0
Insyde Insydeh2o 5.1
Insyde Insydeh2o 5.2
Insyde Insydeh2o 5.3
Insyde Insydeh2o 5.4
Insyde Insydeh2o 5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »