PT-2025-17631 · Insyde · InsydeH2O

Published: 2025-04-23 · Updated: 2025-08-15 · CVE-2024-52878

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions:
Insyde InsydeH2O kernel versions 5.2 through 05.29.49
Insyde InsydeH2O kernel versions 5.3 through 05.38.49
Insyde InsydeH2O kernel versions 5.4 through 05.46.49
Insyde InsydeH2O kernel versions 5.5 through 05.54.49
Insyde InsydeH2O kernel versions 5.6 through 05.61.49
Insyde InsydeH2O kernel versions 5.7 through 05.70.49

Description: An issue was discovered in the VariableRuntimeDxe driver of the Insyde InsydeH2O kernel. The VariableServicesSetVariable() function can be called through gRT->SetVariable(), or from SMM through SmmSetSensitiveVariable() or SmmInternalSetVariable(). This function uses StrSize() to get the variable name size, StrLen() to get the variable name length, and StrCmp() to compare strings, which may cause a buffer over-read.

Recommendations:
For Insyde InsydeH2O kernel versions 5.2 through 05.29.49, update to version 05.29.50 or later.
For Insyde InsydeH2O kernel versions 5.3 through 05.38.49, update to version 05.38.50 or later.
For Insyde InsydeH2O kernel versions 5.4 through 05.46.49, update to version 05.46.50 or later.
For Insyde InsydeH2O kernel versions 5.5 through 05.54.49, update to version 05.54.50 or later.
For Insyde InsydeH2O kernel versions 5.6 through 05.61.49, update to version 05.61.50 or later.
For Insyde InsydeH2O kernel versions 5.7 through 05.70.49, update to version 05.70.50 or later.
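
The over-read in the description comes from StrSize(), StrLen() and StrCmp() scanning until they find a NUL, with no limit. The following added example (not Insyde's code and not the vendor's fix) shows bounded counterparts that stop at the end of the buffer. The function names, the NAME_UNTERMINATED sentinel and the sample buffers are hypothetical, and it assumes the caller knows the size in bytes of the buffer holding the variable name.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint16_t CHAR16;                   /* UCS-2 code unit, as in UEFI */
#define NAME_UNTERMINATED ((size_t)-1)     /* hypothetical sentinel */

/* Bounded StrLen(): length in characters, or NAME_UNTERMINATED when no
 * NUL is found within max_chars. Never reads name[max_chars] or beyond. */
size_t bounded_name_len(const CHAR16 *name, size_t max_chars) {
    for (size_t i = 0; i < max_chars; i++)
        if (name[i] == 0) return i;
    return NAME_UNTERMINATED;
}

/* Bounded StrSize(): bytes including the terminator, or 0 to reject.
 * Empty names are rejected too, as SetVariable() does not accept them. */
size_t bounded_name_size(const CHAR16 *name, size_t buf_bytes) {
    size_t len = bounded_name_len(name, buf_bytes / sizeof(CHAR16));
    if (len == NAME_UNTERMINATED || len == 0) return 0;
    return (len + 1) * sizeof(CHAR16);
}

/* Bounded StrCmp() == 0 against a trusted, NUL-terminated constant.
 * Returns 1 only if both strings end at the same index inside the buffer. */
int bounded_name_equals(const CHAR16 *name, size_t buf_bytes,
                        const CHAR16 *known) {
    size_t max_chars = buf_bytes / sizeof(CHAR16);
    for (size_t i = 0; i < max_chars; i++) {
        if (name[i] != known[i]) return 0;  /* mismatch, stop reading */
        if (name[i] == 0) return 1;         /* both terminated here */
    }
    return 0;                               /* ran out of buffer: reject */
}

/* Constructed samples: a well-formed name and one missing its terminator. */
static const CHAR16 known_name[]          = {'B', 'o', 'o', 't', 0};
static const CHAR16 sample_ok[]           = {'B', 'o', 'o', 't', 0};
static const CHAR16 sample_unterminated[] = {'B', 'o', 'o', 't'};

int main(void) {
    printf("ok size: %zu\n", bounded_name_size(sample_ok, sizeof sample_ok));
    printf("unterminated size: %zu\n",
           bounded_name_size(sample_unterminated, sizeof sample_unterminated));
    printf("unterminated equals known: %d\n",
           bounded_name_equals(sample_unterminated,
                               sizeof sample_unterminated, known_name));
    return 0;
}
```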

Fix

Buffer Over-read

Weakness Enumeration

Related Identifiers: CVE-2024-52878

Affected Products: InsydeH2O