Vulnerabilities > Time-of-check Time-of-use (TOCTOU) Race Condition
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-15 | CVE-2022-33983 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33984 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33985 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33986 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead to a TOCTOU attack. | 6.4 |
| 2022-11-14 | CVE-2022-33907 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the software SMI handler used by the IdeBusDxe driver could cause SMRAM corruption through a TOCTOU attack... | 6.4 |
| 2022-11-14 | CVE-2022-33982 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. | 6.4 |
| 2022-11-14 | CVE-2022-34325 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Insydeh2O DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.8 |
| 2022-11-14 | CVE-2022-30773 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used (a TOCTOU attack). | 6.4 |
| 2022-11-11 | CVE-2022-21198 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Intel products Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 6.4 |
| 2022-11-08 | CVE-2022-32608 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 12.0 In jpeg, there is a possible use after free due to a race condition. | 6.4 |