Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue SMM memory leak vulnerability in SMM driver (SMRAM was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An attacker can dump SMRAM contents via the software SMI provided by the FvbServicesRuntimeDxe driver to read the contents of SMRAM, leading to information disclosure.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Insyde InsydeH2O 输入验证错误漏洞
Vulnerability Description
Insyde InsydeH2O是中国台湾系微(Insyde)公司的一个 C 语言源,它实现了新技术“EFI/UEFI”规范,旨在取代传统的 BIOS(基本输入/输出系统)。 Insyde InsydeH2O存在输入验证错误漏洞。攻击者利用该漏洞可以通过FvbServicesRuntimeDxe驱动程序提供的软件SMI转储SMRAM内容,以读取SMRAM的内容,从而导致信息泄漏。
CVSS Information
N/A
Vulnerability Type
N/A