admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-292xx/CVE-2022-29275.json

119 lines
3.8 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2022-29275",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-15T21:15:36.607",
"lastModified": "2022-11-23T16:20:42.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 Kernel 5.2: version 05.27.21 Kernel 5.3: version 05.36.21 Kernel 5.4: version 05.44.21 Kernel 5.5: version 05.52.21 https://www.insyde.com/security-pledge/SA-2022058"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndIncluding": "5.0.05.09.21",
"matchCriteriaId": "9A9A1C53-7B00-477D-B8AA-6B1A8EB1DAA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.1.05.17.21",
"matchCriteriaId": "6606DD2A-0C65-4D84-B301-313850F7A631"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "5.2.05.27.21",
"matchCriteriaId": "B66937EE-AE21-45AD-8FE1-2580A5CD23B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3",
"versionEndExcluding": "5.3.05.36.21",
"matchCriteriaId": "23089DD9-DF12-4732-B201-D1EBDBB1D53A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.4.05.44.21",
"matchCriteriaId": "4996E78F-CF7A-49A7-86D8-99904B50CBE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.5.05.52.21",
"matchCriteriaId": "7DF5BB25-36A1-49C2-8AFB-A78E18A322ED"
}
]
}
]
}
],
"references": [
{
"url": "https://www.insyde.com/security-pledge",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.insyde.com/security-pledge/SA-2022058",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink