Insyde's Security Pledge
Insyde Security Advisory 2022004
Insyde ID | Advisory Category | Impact of Vulnerability | Severity Rating | Original Date | Last Revised |
INSYDE-SA-2022004 | Software | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 8.2 | 01/04/2022 | 01/04/2022 |
Summary:
AtaLegacySmm: SMI handler does not check CommBuffer leading to possible arbitrary code execution
Vulnerability Details
This corresponds to CVE-2021-41842 It affects the driver AtaLegacySmm. This issue was discovered by an external researcher. It was fixed in the following versions: Kernel 5.0: 05.08.46, Kernel 5.1: 05.16.46 Kernel 5.2: 05.26.46, Kernel 5.3: 05.35.46, Kernel 5.4: 05.43.46, Kernel 5.5: 05.51.45.
Revision History:
Revision | Date | Description |
1.0 | 01/04/2022 | Initial Release |
1.1 | 02/08/2022 | Added CVSS Rating |