CVE-2023-47252 – An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 through 5.6. There …

26 April 2024

Vuln ID: CVE-2023-47252

Published: 2024-04-26 03:15:06.617

Description: An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 through 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering. The PNP-related SMI sub-functions do not verify data size before getting it from the communication buffer, which could lead to possible circumstances where the data immediately following the command buffer could be destroyed with a fixed value. This is fixed in kernel 5.2 v05.28.45, kernel 5.3 v05.37.45, kernel 5.4 v05.45.45, kernel 5.5 v05.53.45, and kernel 5.6 v05.60.45.

Base Score: –

Vector:

Source: NVD.NIST.GOV

Date:

26 April 2024

Categorie(s):

NVD

Tag(s):

NVD

News live: Australia confers with New Zealand on Rafah and looming UN vote; Lehrmann trial costs decision due Friday8 May 2024
Alleged LockBit admin and lead developer named and targeted by US, UK and Australian authorities8 May 2024
RSAC 2024: Outfoxing SSO: Bypassing modern authentication8 May 2024
America’s War on Drugs and Crime will be AI powered, says Homeland Security boss8 May 2024
Alleged LockBit admin and lead developer named and targeted by US, UK and Australian authories8 May 2024