exploitDog

GHSA-2pww-4jgc-f998

Опубликовано: 15 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.4

Описание

A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could lead to escalating privileges in SMM.

A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could lead to escalating privileges in SMM.

Ссылки

EPSS

Процентиль: 30%

0.00112

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-822

Связанные уязвимости

CVE-2024-25078

CVSS3: 7.4

nvd

больше 1 года назад

A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could lead to escalating privileges in SMM.

EPSS

Процентиль: 30%

0.00112

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-822