CVE-2022-30772: Potential SMRAM and OS Kernel Memory Overwrite Exploit through Manipulation of Input Address in PnpSmm Function x52
A potential vulnerability, identified under the reference CVE-2022-30772, may lead to the manipulation of the input address in the PnpSmm function x52. This issue arises
CVE-2022-30774: Exploring DMA Attacks on PnpSmm Driver's Parameter Buffer and Understanding the TOCTOU Vulnerability
In this in-depth analysis, we examine the vulnerability CVE-2022-30774, which exists in the parameter buffer used by the PnpSmm driver. This vulnerability revolves around a
CVE-2022-32267 - DMA Transactions Targeting Input Buffers in SmmResourceCheckDxe Software SMI Handler Lead to SMRAM Corruption
Summary: A flaw has been discovered in the SmmResourceCheckDxe driver, which could be exploited by a TOCTOU attack that targets the input buffers of the
CVE-2022-33984 - DMA Transactions Resulting in SMRAM Corruption via TOCTOU Attack in SdMmcDevice Software SMI Handler
In this long-read post, we will discuss the details of a recently discovered vulnerability, CVE-2022-33984, related to Direct Memory Access (DMA) transactions in SdMmcDevice Software
CVE-2022-31243: DMA Transaction-Targeted Input Buffers Causing SMRAM Corruption in FvbServicesRuntimeDxe Driver
A recently discovered critical vulnerability, CVE-2022-31243, has been found to cause SMRAM corruption in the FvbServicesRuntimeDxe driver. This vulnerability is related to Direct Memory Access
Episode
00:00:00
00:00:00