Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-32955

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated by using IOMMU protection for the ACPI runtime memory used for the command buffer. This attack can be mitigated by copying the link data to SMRAM before checking it and verifying that all pointers are within the buffer.

Published

2023-02-15T02:15:09.940

Last Modified

2025-03-19T19:15:38.053

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.0 (HIGH)

Weaknesses

Type: Primary
CWE-367
Type: Secondary
CWE-367

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	insyde	insydeh2o	< 5.2.05.27.27	Yes
Application	insyde	insydeh2o	< 5.3.05.36.27	Yes
Application	insyde	insydeh2o	< 5.4.05.44.27	Yes
Application	insyde	insydeh2o	< 5.5.05.52.27	Yes

References

https://www.insyde.com/security-pledge Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge/SA-2023015 Vendor Advisory ([email protected])
https://www.insyde.com/security-pledge Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.insyde.com/security-pledge/SA-2023015 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)