Multiple vulnerabilities in Insyde Kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2022-35894 CVE-2022-35896 CVE-2022-35895 |
| CWE-ID | CWE-401 CWE-787 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Insyde Kernel Operating systems & Components / Operating system |
| Vendor |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Memory leak
EUVDB-ID: #VU80871
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-35894
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak in SMM driver (SMRAM read) in InsydeH2O. A local administrator can force the application to leak memory and gain access to sensitive information on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsInsyde Kernel: before 5.5 05.52.29
External linkshttp://www.insyde.com/security-pledge
http://www.insyde.com/security-pledge/SA-2022030
http://binarly.io/advisories/BRLY-2022-018/index.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory leak
EUVDB-ID: #VU80873
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-35896
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak in SMM driver (SMRAM read) in InsydeH2O. A local administrator can force the application to leak memory and gain access to sensitive information on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsInsyde Kernel: before 5.5 05.52.29
External linkshttp://www.insyde.com/security-pledge/SA-2022034
http://www.insyde.com/security-pledge
http://binarly.io/advisories/BRLY-2022-025/index.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds write
EUVDB-ID: #VU80872
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-35895
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in SMM driver (SMRAM write) in InsydeH2O. A local administrator can trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsInsyde Kernel: before 5.5 05.52.29
External linkshttp://binarly.io/advisories/BRLY-2022-024/index.html
http://www.insyde.com/security-pledge/SA-2022033
http://www.insyde.com/security-pledge
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
