VYPR

Kernel

by Insyde

CVEs (5)

  • CVE-2022-29276HigNov 15, 2022
    risk 0.53cvss 8.2epss 0.00

    SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1:…

  • CVE-2022-33909HigNov 15, 2022
    risk 0.46cvss 7.0epss 0.00

    DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the HddPassword driver could…

  • CVE-2022-32267MedNov 15, 2022
    risk 0.42cvss 6.4epss 0.00

    DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU attack) DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could…

  • CVE-2022-30774MedNov 15, 2022
    risk 0.42cvss 6.4epss 0.00

    DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter…

  • CVE-2022-33907MedNov 14, 2022
    risk 0.42cvss 6.4epss 0.00

    DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... DMA transactions which are targeted at input buffers used for the software SMI handler used by the…