Back to search
CVE-2022-35894
Published: Sep 22, 2022
Modified: May 5, 2025
PUBLISHED
Description
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The SMI handler for the FwBlockServiceSmm driver uses an untrusted pointer as the location to copy data to an attacker-specified buffer, leading to information disclosure.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.insyde.com/security-pledge
x_refsource_MISC
https://binarly.io/advisories/BRLY-2022-018/index.html
x_refsource_MISC
https://www.insyde.com/security-pledge/SA-2022030
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now