Vulnerabilities > CVE-2022-30771 - Out-of-bounds Write vulnerability in Insyde Kernel

047910
CVSS 8.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
insyde
CWE-787

Summary

Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions Initialization function in PnpSmm could lead to SMRAM corruption when using subsequent PNP SMI functions. This issue was discovered by Insyde engineering during a security review. Fixed in: Kernel 5.1: Version 05.17.25 Kernel 5.2: Version 05.27.25 Kernel 5.3: Version 05.36.25 Kernel 5.4: Version 05.44.25 Kernel 5.5: Version 05.52.25 https://www.insyde.com/security-pledge/SA-2022064

Vulnerable Configurations

Part Description Count
OS
Insyde
5

Common Weakness Enumeration (CWE)