Insyde's Security Pledge

Recent Security Advisories

INSYDE-SA-2023007

Product: InsydeH2O
CVSS Score: 8.2
Original Date: 2023-02-14
Last Revised:

Summary

DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.

Vulnerability Details

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2022-32475

DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. The issue was discovered by Insyde engineering.
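
The double-fetch pattern behind this class of TOCTOU issue, shown beside the copy-then-validate form, as an added example that is not Insyde's code. The structure layout, sizes and function names are hypothetical, and the concurrent DMA writer is modelled by a callback.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define LOCAL_MAX 64  /* bytes the handler's working buffer can hold */

/* Hypothetical buffer reachable by both privileged and unprivileged code. */
typedef struct { volatile uint32_t data_size; uint8_t data[256]; } shared_buf_t;

/* Models privileged memory: [0, LOCAL_MAX) is the working buffer, the rest
   stands in for adjacent private state that must never be overwritten. */
typedef struct { uint8_t mem[LOCAL_MAX + 256]; } private_mem_t;

/* Stand-in for a concurrent writer (such as a DMA-capable device) that
   changes the shared buffer while the handler is running. */
typedef void (*racer_fn)(shared_buf_t *);
static void grow_size(shared_buf_t *sb) { sb->data_size = 200; }

/* Before: data_size is fetched twice, once to check and once to copy. */
int handler_double_fetch(shared_buf_t *sb, private_mem_t *pm, racer_fn racer) {
    if (sb->data_size > LOCAL_MAX) return -1;   /* time of check */
    if (racer) racer(sb);                       /* shared memory changes here */
    memcpy(pm->mem, sb->data, sb->data_size);   /* time of use: second fetch */
    return 0;
}

/* After: data_size is fetched once into private storage and only that
   snapshot is validated and used. Payload fields need the same treatment:
   copy first, then validate the private copy. */
int handler_snapshot(shared_buf_t *sb, private_mem_t *pm, racer_fn racer) {
    uint32_t n = sb->data_size;                 /* single fetch */
    if (n > LOCAL_MAX) return -1;
    if (racer) racer(sb);                       /* change no longer matters */
    memcpy(pm->mem, sb->data, n);
    return 0;
}

/* Constructed scenario: returns 1 if the adjacent private state survived. */
int adjacent_state_intact(int use_snapshot) {
    shared_buf_t sb; private_mem_t pm;
    memset(&pm, 0, sizeof pm);
    memset(sb.data, 0xAA, sizeof sb.data);
    sb.data_size = 16;
    if (use_snapshot) handler_snapshot(&sb, &pm, grow_size);
    else handler_double_fetch(&sb, &pm, grow_size);
    for (size_t i = LOCAL_MAX; i < sizeof pm.mem; i++)
        if (pm.mem[i] != 0) return 0;
    return 1;
}
```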

Solution Information

This issue was fixed in the kernel versions below.

Kernel 5.2: 05.27.33
Kernel 5.3: 05.36.33
Kernel 5.4: 05.44.29
Kernel 5.5: 05.52.29

Acknowledgements

Revision History

Revision #: 1
Date: 2023-02-14
Description: Initial Release