VYPR

SdMmcDevice

by Insyde

CVEs (2)

  • CVE-2022-29279HigNov 15, 2022
    risk 0.53cvss 8.2epss 0.00

    Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in:…

  • CVE-2022-33984HigNov 15, 2022
    risk 0.46cvss 7.0epss 0.00

    DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the SdMmcDevice driver could…