Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, callback function SmmCreateVariableLockList () calls CreateVariableLockListInSmm (). In CreateVariableLockListInSmm (), it uses StrSize () to get variable name size and it could lead to a buffer over-read.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Insyde InsydeH2O kernel 安全漏洞
Vulnerability Description
Insyde InsydeH2O kernel是中国系微(Insyde)公司的一个更新电脑 BIOS 的程序内核。 Insyde InsydeH2O kernel 5.7 05.70.50之前版本存在安全漏洞,该漏洞源于缓冲区过度读取。
CVSS Information
N/A
Vulnerability Type
N/A