PT-2023-13064 · Insyde · Insydeh2O
Published
2023-02-15
·
Updated
2023-02-23
·
CVE-2022-32471
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Insyde InsydeH2O with kernel versions 5.0 through 5.5
Description
An issue was discovered in IhisiSmm where the IhisiDxe driver uses a command buffer to pass input and output data. By modifying the command buffer contents with DMA after input parameters have been checked but before they are used, the IHISI SMM code may be convinced to modify SMRAM or OS, leading to possible data corruption or escalation of privileges.
Recommendations
For kernel versions 5.0 through 5.5, consider disabling the IhisiDxe driver as a temporary workaround until a patch is available. Restrict access to the command buffer to minimize the risk of exploitation. Avoid using DMA to modify the command buffer contents after input parameters have been checked.
Fix
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Insydeh2O