CVE-2022-30772

{"id": "CVE-2022-30772", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.5}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.5}]}, "published": "2022-11-15T21:15:36.967", "references": [{"url": "https://www.insyde.com/security-pledge", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.insyde.com/security-pledge/SA-2022065", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.insyde.com/security-pledge", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.insyde.com/security-pledge/SA-2022065", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrite SMRAM or OS kernel memory. This issue was discovered by Insyde engineering during a security review. This issue is fixed in: Kernel 5.0: 05.09.41 Kernel 5.1: 05.17.43 Kernel 5.2: 05.27.30 Kernel 5.3: 05.36.30 Kernel 5.4: 05.44.30 Kernel 5.5: 05.52.30 https://www.insyde.com/security-pledge/SA-2022065"}, {"lang": "es", "value": "La manipulaci\u00f3n de la direcci\u00f3n de entrada en la funci\u00f3n PnpSmm 0x52 podr\u00eda ser utilizada por malware para sobrescribir SMRAM o la memoria del kernel del Sistema Operativo. A la funci\u00f3n 0x52 del controlador PnpSmm se le pasa la direcci\u00f3n y el tama\u00f1o de los datos para escribir en la tabla SMBIOS, pero el malware podr\u00eda utilizar la manipulaci\u00f3n de la direcci\u00f3n para sobrescribir SMRAM o la memoria del kernel del Sistema Operativo. Este problema fue descubierto por la ingenier\u00eda de Insyde durante una revisi\u00f3n de seguridad. Este problema se solucion\u00f3 en: Kernel 5.0: 05.09.41 Kernel 5.1: 05.17.43 Kernel 5.2: 05.27.30 Kernel 5.3: 05.36.30 Kernel 5.4: 05.44.30 Kernel 5.5: 05.52.30 \nhttps://www.insyde.com/security-pledge/SA-2022065"}], "lastModified": "2025-04-30T16:15:21.463", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB28033A-E19C-48E1-8102-3DA3A3E7151F", "versionEndExcluding": "5.0.05.09.41", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFE53C31-5FBE-4466-B1D5-8A932BAA952A", "versionEndExcluding": "5.1.05.17.43", "versionStartIncluding": "5.1"}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D6DDEF0-F902-422B-982A-B06D9B249565", "versionEndExcluding": "5.2.05.27.30", "versionStartIncluding": "5.2"}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2696DAE6-A3F9-4902-B9D7-38B2D88D0E57", "versionEndExcluding": "5.3.05.36.30", "versionStartIncluding": "5.3"}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1EF4E69-0514-4BB8-A2B2-3DD72D2CB2E3", "versionEndExcluding": "5.4.05.44.30", "versionStartIncluding": "5.4"}, {"criteria": "cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "643056D6-2573-4B71-935F-044E83EF81E9", "versionEndExcluding": "5.5.05.52.30", "versionStartIncluding": "5.5"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}