CVE-2024-0163
https://notcve.org/view.php?id=CVE-2024-0163
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources. Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contienen una vulnerabilidad de condición de ejecución TOCTOU. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad para obtener acceso a recursos que de otro modo no estarían autorizados. • https://www.dell.com/support/kbdoc/en-us/000222756/dsa-2024-003-security-update-for-dell-poweredge-server-bios-for-a-time-of-check-time-of-use-toctou-vulnerability • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2024-0162
https://notcve.org/view.php?id=CVE-2024-0162
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM. Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contienen una vulnerabilidad de verificación del búfer de comunicación SMM incorrecta. Un atacante local con pocos privilegios podría explotar esta vulnerabilidad, lo que provocaría lecturas/escrituras fuera de los límites en SMRAM. • https://www.dell.com/support/kbdoc/en-us/000222812/dsa-2024-004-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •