TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version before 05.44.13, and Kernel 5.5 before version 05.52.13 allows an attacker to alter data and code used by the remainder of the boot process.
References
Link | Resource |
---|---|
https://www.insyde.com/security-pledge | Vendor Advisory |
https://www.insyde.com/security-pledge/SA-2023038 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-16T00:00:00
Updated: 2023-12-16T01:17:43.374416
Reserved: 2022-02-02T00:00:00
Link: CVE-2022-24351
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-16T02:15:07.183
Modified: 2023-12-20T17:33:09.887
Link: CVE-2022-24351
JSON object: View
Redhat Information
No data.
CWE