CVE-2022-35896

An issue SMM memory leak vulnerability in SMM driver (SMRAM was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An attacker can dump SMRAM contents via the software SMI provided by the FvbServicesRuntimeDxe driver to read the contents of SMRAM, leading to information disclosure.
Configurations

Configuration 1

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Information

Published : 2022-09-22 12:15

Updated : 2022-09-26 04:39


NVD link : CVE-2022-35896

Mitre link : CVE-2022-35896

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer