Page 3 of 26 results (0.006 seconds)

CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 0

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in: Kernel 5.1: Version 05.17.25 Kernel 5.2: Version 05.27.25 Kernel 5.3: Version 05.36.25 Kernel 5.4: Version 05.44.25 Kernel 5.5: Version 05.52.25 https://www.insyde.com/security-pledge/SA-2022064 La función de inicialización en PnpSmm podría provocar daños en la SMRAM al utilizar funciones PNP SMI posteriores. La función de inicialización en PnpSmm podría provocar daños en la SMRAM al utilizar funciones PNP SMI posteriores. Este problema fue descubierto por la ingeniería de Insyde durante una revisión de seguridad. • https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2022064 • CWE-787: Out-of-bounds Write •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) . This issue was discovered by Insyde engineering during a security review. This iss was fixed in Kernel 5.2: 05.27.29, Kernel 5.3: 05.36.25, Kernel 5.4: 05.44.25, Kernel 5.5: 05.52.25. CWE-367 https://www.insyde.com/security-pledge/SA-2022043 Los ataques DMA al búfer de parámetros utilizado por el controlador PnpSmm podrían cambiar el contenido después de que se hayan verificado los valores de los parámetros, pero antes de que se utilicen (un ataque TOCTOU). Los ataques DMA al búfer de parámetros utilizado por el controlador PnpSmm podrían cambiar el contenido después de que se hayan verificado los valores de los parámetros han sido verificados pero antes de ser utilizados (un ataque TOCTOU). • https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2022043 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0

DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressDxe driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. This issue was fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25, kernel 5.5: 05.52.25 https://www.insyde.com/security-pledge/SA-2022055 Las transacciones DMA que están dirigidas a los búferes de entrada utilizados para el controlador SMI del software NvmExpressDxe podrían causar corrupción de SMRAM a través de un ataque TOCTOU. Las transacciones DMA que están dirigidas a los búferes de entrada utilizados para el controlador SMI de software utilizado por el controlador NvmExpressDxe podrían causar corrupción de SMRAM a través de un ataque TOCTOU. • https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2022055 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0

DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in kernel 5.2: 05.27.25, kernel 5.3: 05.36.25, kernel 5.4: 05.44.25 https://www.insyde.com/security-pledge/SA-2022049 Las transacciones DMA que están dirigidas a los búferes de entrada utilizados para el controlador SMI de software utilizado por el controlador IdeBusDxe podrían causar corrupción de SMRAM a través de un ataque TOCTOU... Las transacciones DMA que están dirigidas a los búferes de entrada utilizados para el controlador SMI de software utilizado por el controlador IdeBusDxe podrían causar corrupción SMRAM a través de un ataque TOCTOU. • https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2022049 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. "DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption. This issue was discovered by Insyde engineering based on the general description provided by Intel's iSTARE group. Fixed in Kernel 5.2: 05.27.21. Kernel 5.3: 05.36.21. • https://cert-portal.siemens.com/productcert/pdf/ssa-450613.pdf https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2022044 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •