CVE-2024-52877

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-52877

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

A

n issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, callback function SmmCreateVariableLockList () calls CreateVariableLockListInSmm (). In CreateVariableLockListInSmm (), it uses StrSize () to get variable name size and it could lead to a buffer over-read.

References
Link Resource
https://www.insyde.com/security-pledge Vendor Advisory
https://www.insyde.com/security-pledge/sa-2024016/ Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
History

15 Aug 2025, 17:06

Type Values Removed Values Added
First Time Insyde insydeh2o
Insyde
CPE cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*
References () https://www.insyde.com/security-pledge - () https://www.insyde.com/security-pledge - Vendor Advisory
References () https://www.insyde.com/security-pledge/sa-2024016/ - () https://www.insyde.com/security-pledge/sa-2024016/ - Vendor Advisory

19 May 2025, 20:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
CWE CWE-126

16 May 2025, 14:43

Type Values Removed Values Added
Summary
  • (es) Se detectó un problema en Insyde InsydeH2O en las versiones del kernel 5.2 anterior a la 05.29.50, 5.3 anterior a la 05.38.50, 5.4 anterior a la 05.46.50, 5.5 anterior a la 05.54.50, 5.6 anterior a la 05.61.50 y 5.7 anterior a la 05.70.50. En el controlador VariableRuntimeDxe, la función de devolución de llamada SmmCreateVariableLockList() llama a CreateVariableLockListInSmm(). En CreateVariableLockListInSmm(), utiliza StrSize() para obtener el tamaño del nombre de la variable, lo que podría provocar una sobrelectura del búfer.

15 May 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-15 16:15

Updated : 2025-08-15 17:06

NVD link : CVE-2024-52877

Mitre link : CVE-2024-52877

CVE.ORG link : CVE-2024-52877

JSON object : View

Products Affected

insyde

CWE
CWE-126

Buffer Over-read