Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-23 | CVE-2022-34830 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in ARM Utgard GPU Kernel Driver R11P0/R12P0 An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory. | 7.5 |
| 2022-11-15 | CVE-2022-30283 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working buffer for USB transactions outside of SMRAM. | 7.5 |
| 2022-11-15 | CVE-2022-30774 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack) . | 6.4 |
| 2022-11-15 | CVE-2022-31243 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel Update description and links DMA transactions which are targeted at input buffers used for the software SMI handler used by the FvbServicesRuntimeDxe driver could cause SMRAM corruption through a TOCTOU attack.. | 6.4 |
| 2022-11-15 | CVE-2022-32267 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software SMI handler cause SMRAM corruption (a TOCTOU attack) DMA transactions which are targeted at input buffers used for the software SMI handler used by the SmmResourceCheckDxe driver could cause SMRAM corruption through a TOCTOU attack... | 6.4 |
| 2022-11-15 | CVE-2022-33905 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption (a TOCTOU attack). | 7.0 |
| 2022-11-15 | CVE-2022-33906 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 6.4 |
| 2022-11-15 | CVE-2022-33908 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33909 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33983 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |