VYPR

VariableRuntimeDxe

by Insyde

CVEs (1)

  • CVE-2022-33986MedNov 15, 2022
    risk 0.42cvss 6.4epss 0.00

    DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. DMA attacks on the parameter buffer used by the software SMI handler used by the driver VariableRuntimeDxe could lead to a TOCTOU attack on the SMI handler and…