Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-29279

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.17 Kernel 5.1: version 05.17.17 Kernel 5.2: version 05.27.17 Kernel 5.3: version 05.36.17 Kernel 5.4: version 05.44.17 Kernel 5.5: version 05.52.17 https://www.insyde.com/security-pledge/SA-2022062

Published

2022-11-15T22:15:11.277

Last Modified

2025-04-30T15:15:52.927

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Primary
CWE-119
Type: Secondary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	insyde	kernel	< 5.0.05.09.17	Yes
Operating System	insyde	kernel	< 5.1.05.17.17	Yes
Operating System	insyde	kernel	< 5.2.05.27.17	Yes
Operating System	insyde	kernel	< 5.3.05.36.17	Yes
Operating System	insyde	kernel	< 5.4.05.44.17	Yes
Operating System	insyde	kernel	< 5.5.05.52.17	Yes

References

https://www.insyde.com/security-pledge Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge/SA-2022062 Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.insyde.com/security-pledge/SA-2022062 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)