系微安全保證
最新安全公告
Security Advisory Archives
BIOS & BMC
InsydeH2O | 2022年11月8日 : SA-2022056
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022056 | DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. | 7.4 |
InsydeH2O | 2022年11月8日 : SA-2022055
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022055 | DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.8 |
InsydeH2O | 2022年11月8日 : SA-2022054
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022054 | DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.8 |
InsydeH2O | 2022年11月8日 : SA-2022053
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022053 | DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.8 |
InsydeH2O | 2022年11月8日 : SA-2022052
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022052 | DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. | 7.4 |
InsydeH2O | 2022年11月8日 : SA-2022051
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022051 | DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.8 |
InsydeH2O | 2022年11月8日 : SA-2022050
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022050 | DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.8 |
InsydeH2O | 2022年11月8日 : SA-2022049
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022049 | DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack. | 8.2 |
InsydeH2O | 2022年11月8日 : SA-2022048
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022048 | DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 8.2 |
InsydeH2O | 2022年11月8日 : SA-2022047
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022047 | DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attack). | 7.8 |
InsydeH2O | 2022年11月8日 : SA-2022046
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022046 | DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU attack). | 4.4 |
InsydeH2O | 2022年11月8日 : SA-2022045
| Link | Summary | CVSS Score |
|---|---|---|
| INSYDE-SA-2022045 | DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to corruption of other ACPI fields and adjacent memory fields (a TOCTOU attack). | 3.9 |