{ "id": "CVE-2022-29275", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-15T21:15:36.607", "lastModified": "2022-11-23T16:20:42.840", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: version 05.17.21 Kernel 5.2: version 05.27.21 Kernel 5.3: version 05.36.21 Kernel 5.4: version 05.44.21 Kernel 5.5: version 05.52.21 https://www.insyde.com/security-pledge/SA-2022058" }, { "lang": "es", "value": "En UsbCoreDxe, la entrada que no es de confianza puede permitir la manipulaci\u00f3n de la memoria SMRAM o del Sistema Operativo. El uso de punteros que no son de confianza podr\u00eda permitir la manipulaci\u00f3n de la memoria SMRAM o del Sistema Operativo, lo que lleva a una escalada de privilegios. Insyde descubri\u00f3 este problema durante la revisi\u00f3n de seguridad. Se solucion\u00f3 en: Kernel 5.0: versi\u00f3n 05.09.21 Kernel 5.1: versi\u00f3n 05.17.21 Kernel 5.2: versi\u00f3n 05.27.21 Kernel 5.3: versi\u00f3n 05.36.21 Kernel 5.4: versi\u00f3n 05.44.21 Kernel 5.5: versi\u00f3n 05.52.21https:/ /www.insyde.com/security-pledge/SA-2022058" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH" }, "exploitabilityScore": 1.5, "impactScore": 6.0 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0", "versionEndIncluding": "5.0.05.09.21", "matchCriteriaId": "9A9A1C53-7B00-477D-B8AA-6B1A8EB1DAA5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "5.1.05.17.21", "matchCriteriaId": "6606DD2A-0C65-4D84-B301-313850F7A631" }, { "vulnerable": true, "criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.2", "versionEndExcluding": "5.2.05.27.21", "matchCriteriaId": "B66937EE-AE21-45AD-8FE1-2580A5CD23B1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.3.05.36.21", "matchCriteriaId": "23089DD9-DF12-4732-B201-D1EBDBB1D53A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "5.4.05.44.21", "matchCriteriaId": "4996E78F-CF7A-49A7-86D8-99904B50CBE2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "5.5.05.52.21", "matchCriteriaId": "7DF5BB25-36A1-49C2-8AFB-A78E18A322ED" } ] } ] } ], "references": [ { "url": "https://www.insyde.com/security-pledge", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://www.insyde.com/security-pledge/SA-2022058", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] } ] }