CVE-2022-29278

Name of the Vulnerable Software and Affected Versions NvmExpressDxe driver versions prior to 05.17.23 NvmExpressDxe driver versions prior to 05.27.23 NvmExpressDxe driver versions prior to 05.36.23 NvmExpressDxe driver versions prior to 05.44.23 NvmExpressDxe driver versions prior to 05.52.23

Description Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review.

Recommendations For Kernel 5.1, update to Version 05.17.23 or later. For Kernel 5.2, update to Version 05.27.23 or later. For Kernel 5.3, update to Version 05.36.23 or later. For Kernel 5.4, update to Version 05.44.23 or later. For Kernel 5.5, update to Version 05.52.23 or later.