Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-32474

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the firmware block services data to SMRAM before checking it.

Published

2023-02-15T02:15:09.737

Last Modified

2025-03-20T14:15:15.290

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.0 (HIGH)

Weaknesses

Type: Primary
CWE-367
Type: Secondary
CWE-367

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	insyde	insydeh2o	< 5.0.05.09.42	Yes
Application	insyde	insydeh2o	< 5.1.05.17.42	Yes
Application	insyde	insydeh2o	< 5.2.05.27.38	Yes
Application	insyde	insydeh2o	< 5.3.05.36.38	Yes
Application	insyde	insydeh2o	< 5.4.05.44.38	Yes
Application	insyde	insydeh2o	< 5.5.05.52.38	Yes

References

https://www.insyde.com/security-pledge Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge/SA-2023006 Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.insyde.com/security-pledge/SA-2023006 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)