Vulnerability Database

313,494

Total vulnerabilities in the database

CVE-2022-29275

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 Kernel 5.2: version 05.27.21 Kernel 5.3: version 05.36.21 Kernel 5.4: version 05.44.21 Kernel 5.5: version 05.52.21 https://www.insyde.com/security-pledge/SA-2022058

Published: Nov 15, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-29275
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.2
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
insyde / kernel	5.0	5.0.05.09.21.x
insyde / kernel	5.1	5.1.05.17.21
insyde / kernel	5.2	5.2.05.27.21
insyde / kernel	5.3	5.3.05.36.21
insyde / kernel	5.4	5.4.05.44.21
insyde / kernel	5.5	5.5.05.52.21

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo