Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrite SMRAM or OS kernel memory. This issue was discovered by Insyde engineering during a security review. This issue is fixed in: Kernel 5.0: 05.09.41 Kernel 5.1: 05.17.43 Kernel 5.2: 05.27.30 Kernel 5.3: 05.36.30 Kernel 5.4: 05.44.30 Kernel 5.5: 05.52.30 https://www.insyde.com/security-pledge/SA-2022065
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-11-15T00:00:00
Updated: 2024-08-03T06:56:14.035Z
Reserved: 2022-05-16T00:00:00
Link: CVE-2022-30772
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-11-15T21:15:36.967
Modified: 2024-11-21T07:03:20.927
Link: CVE-2022-30772
Redhat
No data.