Ling_Sec

**Name of the Vulnerable Software and Affected Versions** Dell BIOS (affected versions not specified) **Description** The issue is related to a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell BIOS (affected versions not specified) **Description** The issue is a stack-based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this by using an SMI to send larger than expected input to a `parameter` to gain arbitrary code execution in SMRAM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell Alienware m17 R5 BIOS versions prior to 1.2.2 **Description** The issue is related to a buffer access vulnerability in the BIOS software of Dell Alienware m17 R5 laptops. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected, which may lead to leaking certain sections of SMRAM. This could impact the confidentiality and integrity of protected information. **Recommendations** For Dell Alienware m17 R5 BIOS versions prior to 1.2.2, update the BIOS to version 1.2.2 or later to resolve the issue. As a temporary workaround, consider restricting admin privileges to minimize the risk of exploitation.