CVE-2022-29275 Untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering and lead to escalation of privileges. This issue was discovered by Insyde during security review.
Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 https://www.insyde.com/security-pledge/SA-2042096
Unsafe use of tcp_cork() may lead to information disclosure on Intel vPro/hypervisor platforms Untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Untrusted input in kfifo_buf() may lead to information disclosure on Intel vPro/hypervisor platforms Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Unsafe chown() on a user-defined data
Background Information
Unsafe use of tcp_cork() may lead to information disclosure on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09 https://www.insyde.com/security-pledge/SA-2042096
Consequences of the issue
This could lead to information disclosure on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Unsafe chown() on a user-defined data
Potential Impact of the Vulnerability
An attacker could cause a denial of service on the host system.
common pitfalls of chown() untrusted input may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21
Dependency on Insyde Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms Untrusted input in kfifo_buf() may lead to remote code execution on Intel vPro/hypervisor platforms. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 https://www.insyde.com/security-pledge/SA-2042096
Timeline
Published on: 11/15/2022 21:15:00 UTC
Last modified on: 11/23/2022 16:20:00 UTC