← Back

CVE-2022-29278

nvd nist
Published: Nov 15, 2022Modified: Apr 30, 2025

JSON object

Loading...
8.2
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Exploitability: 1.5 / Impact: 6.0
Source: NVD

Description

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version 05.17.23 Kernel 5.2: Version 05.27.23 Kernel 5.3: Version 05.36.23 Kernel 5.4: Version 05.44.23 Kernel 5.5: Version 05.52.23 https://www.insyde.com/security-pledge/SA-2022061

Affected (5)

Products: Insyde: Kernel
Insyde
1 product
Kernel
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Insyde
Kernel
From 5.1 to 5.1.05.17.23
Kernel
From 5.2 to 5.2.05.27.23
Kernel
From 5.3 to 5.3.05.36.23
Kernel
From 5.4 to 5.4.05.44.23
Kernel
From 5.5 to 5.5.05.52.23

Related CWEs

CWE-754
Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.