CVE-2022-36337

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code.
References
Configurations

Configuration 1

cpe:2.3:o:insyde:kernel:*:*:*:*:*:*:*:*

Information

Published : 2022-11-23 03:15

Updated : 2022-11-30 03:27


NVD link : CVE-2022-36337

Mitre link : CVE-2022-36337

Products Affected
No products.
CWE