CVE-2022-30772

Name of the Vulnerable Software and Affected Versions Kernel 5.0 versions prior to 05.09.41 Kernel 5.1 versions prior to 05.17.43 Kernel 5.2 versions prior to 05.27.30 Kernel 5.3 versions prior to 05.36.30 Kernel 5.4 versions prior to 05.44.30 Kernel 5.5 versions prior to 05.52.30

Description Manipulation of the input address in the PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. The PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrite SMRAM or OS kernel memory. This issue was discovered by Insyde engineering during a security review.

Recommendations For Kernel 5.0, update to version 05.09.41 or later. For Kernel 5.1, update to version 05.17.43 or later. For Kernel 5.2, update to version 05.27.30 or later. For Kernel 5.3, update to version 05.36.30 or later. For Kernel 5.4, update to version 05.44.30 or later. For Kernel 5.5, update to version 05.52.30 or later. As a temporary workaround, consider restricting access to the PnpSmm driver function 0x52 to minimize the risk of exploitation.