CVE-2022-29279 - OpenCVE

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.17 Kernel 5.1: version 05.17.17 Kernel 5.2: version 05.27.17 Kernel 5.3: version 05.36.17 Kernel 5.4: version 05.44.17 Kernel 5.5: version 05.52.17 https://www.insyde.com/security-pledge/SA-2022062

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Insyde	Kernel

Configuration 1 [-]

OR	cpe:2.3:o:insyde:kernel::::::::
	cpe:2.3:o:insyde:kernel::::::::
	cpe:2.3:o:insyde:kernel::::::::
	cpe:2.3:o:insyde:kernel::::::::
	cpe:2.3:o:insyde:kernel::::::::
	cpe:2.3:o:insyde:kernel::::::::

References

Link	Resource
https://www.insyde.com/security-pledge	Vendor Advisory
https://www.insyde.com/security-pledge/SA-2022062	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-11-15T00:00:00

Updated: 2022-11-15T00:00:00

Reserved: 2022-04-15T00:00:00

Link: CVE-2022-29279

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-11-15T22:15:11.277

Modified: 2022-11-23T17:27:35.800

Link: CVE-2022-29279

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6FE02F2-B7F1-4542-B113-774A476C451C", "versionEndExcluding": "5.0.05.09.17", "versionStartIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1580FAB-6AEA-4006-AB3E-3F384ABC7F75", "versionEndExcluding": "5.1.05.17.17", "versionStartIncluding": "5.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "025933E3-5677-4E99-AA74-20CC0DD2AB96", "versionEndExcluding": "5.2.05.27.17", "versionStartIncluding": "5.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABCE7EF5-A44C-408B-BF30-73DD221D71E0", "versionEndExcluding": "5.3.05.36.17", "versionStartIncluding": "5.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B106DD8E-FBC4-4562-8508-69576EF4432D", "versionEndExcluding": "5.4.05.44.17", "versionStartIncluding": "5.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E96A4367-F490-4AD8-B83F-54253E207622", "versionEndExcluding": "5.5.05.52.17", "versionStartIncluding": "5.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.17 Kernel 5.1: version 05.17.17 Kernel 5.2: version 05.27.17 Kernel 5.3: version 05.36.17 Kernel 5.4: version 05.44.17 Kernel 5.5: version 05.52.17 https://www.insyde.com/security-pledge/SA-2022062"}, {"lang": "es", "value": "El uso de un puntero que no es de confianza permite alterar la SMRAM y la memoria del sistema operativo en SdHostDriver y SdMmcDevice. El uso de un puntero que no es de confianza permite alterar la SMRAM y la memoria del sistema operativo en SdHostDriver y SdMmcDevice. Insyde descubri\u00f3 este problema durante la revisi\u00f3n de seguridad. Se solucion\u00f3 en: Kernel 5.0: versi\u00f3n 05.09.17 Kernel 5.1: versi\u00f3n 05.17.17 Kernel 5.2: versi\u00f3n 05.27.17 Kernel 5.3: versi\u00f3n 05.36.17 Kernel 5.4: versi\u00f3n 05.44.17 Kernel 5.5: versi\u00f3n 05.52.17 https:/ /www.insyde.com/security-pledge/SA-2022062"}], "id": "CVE-2022-29279", "lastModified": "2022-11-23T17:27:35.800", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-15T22:15:11.277", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.insyde.com/security-pledge/SA-2022062"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}