CVE-2022-30283Time-of-check Time-of-use (TOCTOU) Race Condition in Kernel

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 79.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Insyde Kernel
Timeline
PublishedNov 15
Latest updateNov 16

Description

In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem that could be used by an attacker to cause SMRAM corruption and escalation of privileges The UsbCoreDxe module creates a working buffer for USB transactions outside of SMRAM. The code which uses can be inside of SMM, making the working buffer untrusted input. The buffer can be corrupted by DMA transfers. The SMM code code attempts to sanitize poin

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 0.8 | Impact: 6.0

Affected Packages1 packages

NVDinsyde/kernel5.05.0.05.09.21+5

🔴Vulnerability Details

2
GHSA
GHSA-24pw-pfmp-w2w4: In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem2022-11-16
CVEList
CVE-2022-30283: In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB transactions are in process leads to a TOCTOU problem2022-11-15
CVE-2022-30283 — Insyde Kernel vulnerability | cvebase