Total vulnerabilities in the database
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This issue was fixed in the kernel, which also protected chipset and OEM chipset code.
| Software | From | Fixed in |
|---|---|---|
| insyde / insydeh2o | 5.5 | 5.5.05.52.27 |
| insyde / insydeh2o | 5.4 | 5.4.05.44.27 |
| insyde / insydeh2o | 5.3 | 5.3.05.36.27 |
| insyde / insydeh2o | 5.0 | 5.2.05.27.27 |