Insyde Security Advisory 2022004

Insyde ID Advisory Category Impact of Vulnerability Severity Rating Original Date Last Revised
INSYDE-SA-2022004 Software AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H 8.2 01/04/2022 01/04/2022


AtaLegacySmm: SMI handler does not check CommBuffer leading to possible arbitrary code execution

Vulnerability Details


This corresponds to CVE-2021-41842 It affects the driver AtaLegacySmm. This issue was discovered by an external researcher. It was fixed in the following versions: Kernel 5.0: 05.08.46, Kernel 5.1: 05.16.46 Kernel 5.2: 05.26.46, Kernel 5.3: 05.35.46, Kernel 5.4: 05.43.46, Kernel 5.5: 05.51.45.

Revision History:

Revision Date Description
1.0 01/04/2022 Initial Release
1.1 02/08/2022 Added CVSS Rating

Return to Insyde's Security Pledge