Insyde's Security Pledge
Insyde Security Advisory 2022061
| Insyde ID | Advisory Category | Impact of Vulnerability | Severity Rating | Original Date | Last Revised |
| INSYDE-SA-2022061 | Software | CVSS3.1:AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | 7.5 | 11/14/2022 | 11/14/2022 |
Summary:
Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory.
Vulnerability Details
Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in:
Kernel 5.1: Version 05.17.23
Kernel 5.2: Version 05.27.23
Kernel 5.3: Version 05.36.23
Kernel 5.4: Version 05.44.23
Kernel 5.5: Version 05.52.23
Revision History:
| Revision | Date | Description |
| 1.0 | 11/14/2022 | Initial Release |
| - | - | - |