Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrite SMRAM or OS kernel memory. This issue was discovered by Insyde engineering during a security review. This issue is fixed in: Kernel 5.0: 05.09.41 Kernel 5.1: 05.17.43 Kernel 5.2: 05.27.30 Kernel 5.3: 05.36.30 Kernel 5.4: 05.44.30 Kernel 5.5: 05.52.30 https://www.insyde.com/security-pledge/SA-2022065
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-11-15T00:00:00

Updated: 2024-08-03T06:56:14.035Z

Reserved: 2022-05-16T00:00:00

Link: CVE-2022-30772

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-11-15T21:15:36.967

Modified: 2024-11-21T07:03:20.927

Link: CVE-2022-30772

cve-icon Redhat

No data.