An issue exists in IhisiSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.5. It is possible to write to an attacker-controlled address. An attacker could invoke an SMI handler with a malformed pointer in RCX that overlaps SMRAM, resulting in SMM memory corruption.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
insyde insydeh2o 05.27.37 |
||
insyde insydeh2o 05.36.37 |
||
insyde insydeh2o 05.44.45 |
||
insyde insydeh2o 05.52.45 |