all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2022-32954 (insydeh2o)

Add to bookmarks
Feb. 15, 2023, 2:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are …

acpi attack attacks buffer code command corruption cve data dma escalation insyde issue kernel link memory non privileges protection runtime toctou

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Engineer, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

BaaN IV Techno-functional consultant-On-Balfour

@ Marlabs | Piscataway, US
View on infosec-jobs.com

Senior Security Analyst

@ BETSOL | Bengaluru, India
View on infosec-jobs.com

Security Operations Centre Operator

@ NEXTDC | West Footscray, Australia
View on infosec-jobs.com

Senior Network and Security Research Officer

@ University of Toronto | Toronto, ON, CA
View on infosec-jobs.com
View more jobs