Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2022-24351

TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version before 05.44.13, and Kernel 5.5 before version 05.52.13 allows an attacker to alter data and code used by the remainder of the boot process.

  • Published: Dec 16, 2023
  • Updated: Dec 21, 2023
  • CVE: CVE-2022-24351
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.7
  • AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

CWEs:

Software From Fixed in
insyde / insydeh2o 5.2 5.2.05.27.29
insyde / insydeh2o 5.3 5.3.05.36.29
insyde / insydeh2o 5.4 5.4.05.44.13
insyde / insydeh2o 5.5 5.5.05.52.13