PT-2022-19519 · Kernel · Kernel

Published

2022-11-15

·

Updated

2022-11-23

·

CVE-2022-29279

CVSS v3.1

8.2

High

VectorAV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Kernel 5.0 versions prior to 05.09.17 Kernel 5.1 versions prior to 05.17.17 Kernel 5.2 versions prior to 05.27.17 Kernel 5.3 versions prior to 05.36.17 Kernel 5.4 versions prior to 05.44.17 Kernel 5.5 versions prior to 05.52.17
Description The issue involves the use of an untrusted pointer, allowing tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This was discovered by Insyde during a security review.
Recommendations For Kernel 5.0, update to version 05.09.17 or later. For Kernel 5.1, update to version 05.17.17 or later. For Kernel 5.2, update to version 05.27.17 or later. For Kernel 5.3, update to version 05.36.17 or later. For Kernel 5.4, update to version 05.44.17 or later. For Kernel 5.5, update to version 05.52.17 or later.

Fix

Buffer Overflow

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2022-29279

Affected Products

Kernel