An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-03T23:58:21.414Z

Reserved: 2021-05-28T00:00:00

Link: CVE-2021-33625

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-03T02:15:06.930

Modified: 2024-11-21T06:09:13.220

Link: CVE-2021-33625

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.