Insyde - CVE CyberSecurity Database News (Page 3)

CVE-2022-31243: DMA Transaction-Targeted Input Buffers Causing SMRAM Corruption in FvbServicesRuntimeDxe Driver

Nov 15, 2022 Exploit Insyde kernel

CVE-2022-31243: DMA Transaction-Targeted Input Buffers Causing SMRAM Corruption in FvbServicesRuntimeDxe Driver

A recently discovered critical vulnerability, CVE-2022-31243, has been found to cause SMRAM corruption in the FvbServicesRuntimeDxe driver. This vulnerability is related to Direct Memory Access

Nov 14, 2022 Insyde kernel

CVE-2022-33907 - DMA Attacks on Input Buffers in IdeBusDxe Driver Result in SMRAM Corruption via TOCTOU Attack

A recent security vulnerability, CVE-2022-33907, was discovered by Insyde engineers based on a general description provided by Intel's iSTARE group. This vulnerability revolves

Nov 14, 2022 Exploit Insyde kernel

CVE-2022-32266: DMA Attacks on Parameter Buffer Used by Software SMI Handler (PcdSmmDxe Driver)

A newly discovered vulnerability dubbed as CVE-2022-32266 has been found in Insyde InsydeH2O with kernel versions 5. through 5.5, which can potentially lead to

Nov 14, 2022 Exploit Insyde kernel

CVE-2022-30773: DMA Attacks on IhisiSmm Driver Parameter Buffer - A TOCTOU Attack Overview, Impacts, and Mitigation

A recently discovered vulnerability, CVE-2022-30773, involves DMA (Direct Memory Access) attacks on the parameter buffer utilized by the IhisiSmm driver. Essentially, attackers exploit this vulnerability