VYPR

FwBlockServiceSmm

by Insyde

CVEs (2)

  • CVE-2022-29277HigNov 15, 2022
    risk 0.57cvss 8.8epss 0.00

    Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL…

  • CVE-2022-33906MedNov 15, 2022
    risk 0.42cvss 6.4epss 0.00

    DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the FwBlockServiceSmm…