PT-2022-19516 · Insyde · Ahcibusdxe
Published
2022-11-15
·
Updated
2022-11-29
·
CVE-2022-29276
CVSS v3.1
8.2
High
| Vector | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
AhciBusDxe versions prior to 05.09.18
AhciBusDxe versions prior to 05.17.18
AhciBusDxe versions prior to 05.27.18
AhciBusDxe versions prior to 05.36.18
AhciBusDxe versions prior to 05.44.18
AhciBusDxe versions prior to 05.52.18
Description
SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during a security review.
Recommendations
For Kernel 5.0, update to version 05.09.18 or later.
For Kernel 5.1, update to version 05.17.18 or later.
For Kernel 5.2, update to version 05.27.18 or later.
For Kernel 5.3, update to version 05.36.18 or later.
For Kernel 5.4, update to version 05.44.18 or later.
For Kernel 5.5, update to version 05.52.18 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ahcibusdxe