exploitDog

GHSA-79rc-fcmg-3r4m

Опубликовано: 07 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM.

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM.

Ссылки

EPSS

Процентиль: 19%

0.00062

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2023-27373

CVSS3: 5.5

nvd

больше 2 лет назад

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. Due to insufficient input validation, an attacker can tamper with a runtime-accessible EFI variable to cause a dynamic BAR setting to overlap SMRAM.

EPSS

Процентиль: 19%

0.00062

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-20