Vulnerabilities > Insyde > Kernel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-15 | CVE-2022-33908 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33909 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33983 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33984 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2022-11-15 | CVE-2022-33985 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Insyde Kernel DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. | 7.0 |
| 2021-12-01 | CVE-2021-38575 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. | 8.1 |