VYPR

NvmExpressDxe

by Insyde

CVEs (2)

  • CVE-2022-29278HigNov 15, 2022
    risk 0.53cvss 8.2epss 0.00

    Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in:…

  • CVE-2022-33985HigNov 15, 2022
    risk 0.46cvss 7.0epss 0.00

    DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the NvmExpressDxe driver…