HIGH🇵🇱 Wersja polska

CVE-2022-29275

CVSS 8.2v3.1pub. 2022-11-15upd. 2025-04-30

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 Kernel 5.2: version 05.27.21 Kernel 5.3: version 05.36.21 Kernel 5.4: version 05.44.21 Kernel 5.5: version 05.52.21 https://www.insyde.com/security-pledge/SA-2022058

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Insyde Kernel

    OS
    Insyde
    5.0 – 5.0.05.09.215.1 – 5.1.05.17.21 (bez)5.2 – 5.2.05.27.21 (bez)5.3 – 5.3.05.36.21 (bez)5.4 – 5.4.05.44.21 (bez)5.5 – 5.5.05.52.21 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-52880HIGH7.9ten sam produkt

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.3...

CVE-2024-25078HIGH7.4ten sam produkt

A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB191301...

CVE-2022-36337HIGH8.2ten sam produkt

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability...

CVE-2022-35407HIGH7.8ten sam produkt

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbi...

CVE-2022-29276HIGH8.2ten sam produkt

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe u...