Insyde's Security Pledge
Recent Security Advisories

INSYDE-SA-2023007
Product
CVSS Score
Original Date
Last Revised
InsydeH2O
8.2
2023-02-14
Summary
DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges.
Vulnerability Details
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU issues which could lead to corruption of SMRAM and escalation of privileges. The issue was discovered by Insyde engineering.
Solution Information
This version was fixed in the kernel versions below.
Kernel 5.2: 05.27.33
Kernel 5.3: 05.36.33
Kernel 5.4: 05.44.29
Kernel 5.5: 05.52.29
Acknowledgements
Revision History
Revision #
Date
Description
1
2023-02-14
Initial Release