Vulnerability: Incorrect Pointer Checks in NvmExpressDxe Driver Allow Tampering with SMRAM and OS Memory

Vulnerability: Incorrect Pointer Checks in NvmExpressDxe Driver Allow Tampering with SMRAM and OS Memory

CVE-2022-29278 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version 05.17.23 Kernel 5.2: Version 05.27.23 Kernel 5.3: Version 05.36.23 Kernel 5.4: Version 05.44.23 Kernel 5.5: Version 05.52.23 https://www.insyde.com/security-pledge/SA-2022061

Learn more about our Web Application Penetration Testing UK.