PT-2022-23005 · Insyde · InsydeH2O

Published 2022-11-21 · Updated 2022-11-30 · CVE-2022-35897

CVSS v3.1: 6.8 Medium

Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Insyde InsydeH2O with kernel 5.0 through 5.5

Description

A stack buffer overflow issue leads to arbitrary code execution when specific UEFI variables are modified. Normally, these variables are locked at the OS level, requiring an attacker to make direct SPI modifications. If an attacker changes at least two out of three variables - SecureBootEnforce, SecureBoot, RestoreBootSettings - it is possible to execute arbitrary code.

Recommendations

For Insyde InsydeH2O with kernel 5.0 through 5.5, consider restricting access to the UEFI variables SecureBootEnforce, SecureBoot, and RestoreBootSettings to prevent modification and minimize the risk of exploitation. As a temporary workaround, ensure these variables are properly secured at the OS level to prevent unauthorized changes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
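
One way to check from a Linux host how the three variables named above are exposed, and to detect later changes to them, is to inventory their efivarfs entries and compare against a stored baseline. This is an added example, not code from the advisory or from Insyde. It assumes efivarfs is mounted at `/sys/firmware/efi/efivars`, matches on variable name because the advisory does not give the vendor GUIDs, and the function names and the `relies_on_lock` heuristic are illustrative.

```python
import hashlib
import struct
from pathlib import Path

# Variable names come from the advisory. Their vendor GUIDs are not given there,
# so entries are matched on the name part of the efivarfs file name "<Name>-<GUID>".
WATCHED = ("SecureBootEnforce", "SecureBoot", "RestoreBootSettings")

# Attribute bits defined by the UEFI specification.
ATTRS = {
    0x01: "NON_VOLATILE",
    0x02: "BOOTSERVICE_ACCESS",
    0x04: "RUNTIME_ACCESS",
    0x10: "AUTHENTICATED_WRITE_ACCESS",
    0x20: "TIME_BASED_AUTHENTICATED_WRITE_ACCESS",
}
AUTH_WRITE = 0x10 | 0x20

def inventory(efivars="/sys/firmware/efi/efivars"):
    """Return one record per watched variable found under the efivarfs mount."""
    records = []
    for path in sorted(Path(efivars).iterdir()):
        name, _, guid = path.name.partition("-")
        if name not in WATCHED:
            continue
        raw = path.read_bytes()
        if len(raw) < 4:          # efivarfs entry = 4-byte LE attributes + data
            continue
        (attrs,) = struct.unpack_from("<I", raw)
        data = raw[4:]
        records.append({
            "name": name, "guid": guid, "size": len(data),
            "attrs": [label for bit, label in ATTRS.items() if attrs & bit],
            "sha256": hashlib.sha256(data).hexdigest(),
            # Heuristic: runtime-visible and not write-authenticated, so only firmware locking protects it.
            "relies_on_lock": bool(attrs & 0x04) and not attrs & AUTH_WRITE,
        })
    return records

def changed(baseline, current):
    """Names of watched variables whose size or content differs from a stored baseline."""
    key = lambda r: (r["name"], r["guid"])
    old = {key(r): (r["size"], r["sha256"]) for r in baseline}
    new = {key(r): (r["size"], r["sha256"]) for r in current}
    return sorted({k[0] for k in old.keys() | new.keys() if old.get(k) != new.get(k)})

if __name__ == "__main__":
    for rec in inventory():
        print(rec)
```

Variables without the runtime-access attribute are not visible through efivarfs, so a missing entry means only that the OS cannot see the variable, not that it is absent from flash.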

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2022-35897

Affected Products

InsydeH2O