CVE-2022-29279

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.17 Kernel 5.1: version 05.17.17 Kernel 5.2: version 05.27.17 Kernel 5.3: version 05.36.17 Kernel 5.4: version 05.44.17 Kernel 5.5: version 05.52.17 https://www.insyde.com/security-pledge/SA-2022062

Published: Nov 15, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-29279
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.2
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
insyde / kernel	5.0	5.0.05.09.17
insyde / kernel	5.1	5.1.05.17.17
insyde / kernel	5.2	5.2.05.27.17
insyde / kernel	5.3	5.3.05.36.17
insyde / kernel	5.4	5.4.05.44.17
insyde / kernel	5.5	5.5.05.52.17

https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/SA-2022062

Vulnerability Database

289,599

CVE-2022-29279