Insyde Security Advisory 2023056

Insyde ID: INSYDE-SA-2023056
Advisory Category: Software
Impact of Vulnerability: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N
Severity Rating: 6.1
Original Date: 10/31/2023
Last Revised: 10/31/2023

Summary:

IhisiServicesSmm: Arbitrary calls to SetVariable with unsanitized arguments in SMI handler.

Vulnerability Details:

CVE-2023-39284
BRLY-2023-005

The SMI handler passes attacker-controlled arguments to SmmSetVariable() without any filtering or sanitization.
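The bug class described above, as an added illustration in C that is not Insyde's or BINARLY's code: a modeled SMI handler input check that validates a caller-supplied SetVariable request before it is forwarded, which the vulnerable handler omits. The SMRAM range, request layout, attribute mask and variable allow-list are assumptions made for this stand-alone example.

```c
/* Added example, not Insyde firmware code. Models the validation an SMI
 * handler should apply to a SetVariable request arriving from outside SMM.
 * SMRAM window, request layout, attribute mask and allow-list are assumed. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef struct {               /* assumed request layout in the comm buffer */
    char     name[32];         /* variable name, assumed NUL-terminated ASCII */
    uint32_t attributes;       /* EFI_VARIABLE_* bits requested by the caller */
    uint32_t data_size;        /* caller-claimed payload length */
    uint8_t  data[64];         /* payload */
} set_var_request_t;

/* Modeled SMRAM window; a real handler uses the platform SMRAM map
 * (e.g. SmmIsBufferOutsideSmmValid() in EDK II) instead of constants. */
#define SMRAM_BASE 0x7B000000u
#define SMRAM_SIZE 0x00800000u

static int buffer_outside_smram(uintptr_t addr, size_t len) {
    if (len == 0 || addr + len < addr) return 0;   /* empty or wrapping range */
    return addr + len <= SMRAM_BASE || addr >= SMRAM_BASE + SMRAM_SIZE;
}

/* Variables this handler is permitted to write (assumed policy). */
static const char *const allowed_names[] = { "Setup", "BootOrder" };

/* Returns 0 if the request may be forwarded to SmmSetVariable(), else a
 * nonzero reason code. The vulnerable handler skips all of these checks.
 * Validate a copy held in SMRAM, never the caller's buffer in place. */
int validate_set_variable_request(uintptr_t req_addr, const set_var_request_t *req) {
    size_t i;
    if (!buffer_outside_smram(req_addr, sizeof(*req))) return 1; /* overlaps SMRAM */
    if (memchr(req->name, '\0', sizeof(req->name)) == NULL)  return 2; /* no NUL in name */
    if (req->data_size > sizeof(req->data))                  return 3; /* size exceeds buffer */
    if (req->attributes & ~(uint32_t)0x7)                    return 4; /* bits outside NV|BS|RT */
    for (i = 0; i < sizeof(allowed_names) / sizeof(allowed_names[0]); i++)
        if (strcmp(req->name, allowed_names[i]) == 0) return 0;
    return 5;                                                          /* name not allowed */
}

/* Constructed sample requests for stand-alone exercise. */
const set_var_request_t sample_ok  = { "Setup", 0x7, 4,  {1, 2, 3, 4} };
const set_var_request_t sample_big = { "Setup", 0x7, 65, {0} };
const set_var_request_t sample_bad = { "Evil",  0x7, 1,  {0} };

int main(void) {
    printf("ok=%d in_smram=%d big=%d bad=%d\n",
           validate_set_variable_request(0x10000000u, &sample_ok),
           validate_set_variable_request(0x7B001000u, &sample_ok),
           validate_set_variable_request(0x10000000u, &sample_big),
           validate_set_variable_request(0x10000000u, &sample_bad));
    return 0;
}
```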

Solution Information:
kernel 5.2: Version 05.28.33
kernel 5.3: Version 05.37.33
kernel 5.4: Version 05.45.33
kernel 5.5: Version 05.53.33
kernel 5.6: Version 05.60.33

Acknowledgements:

Thanks to the BINARLY efiXplorer team (third-party researchers) for reporting the vulnerability and engaging in this coordinated disclosure.

Revision History:

Revision 1.0, 10/31/2023: Initial Release
