CVE-2022-31222: Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially…

medium4.4CVSS 3.1

AVLACLPRHUINSUCNINAH

Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash.

Affected

26 ranges· showing 25

Vendor	Product	Version range	Fixed in
dell	chengming_3900_firmware	< 1.1.66	1.1.66
dell	cpg_bios	>= unspecified < 21Q4 platforms	21Q4 platforms
dell	inspiron_14_plus_7420_firmware	< 1.2.0	1.2.0
dell	inspiron_16_plus_7620_firmware	< 1.2.0	1.2.0
dell	inspiron_3910_firmware	< 1.1.66	1.1.66
dell	inspiron_5320_firmware	< 1.1.0	1.1.0
dell	inspiron_5420_firmware	< 1.4.1	1.4.1
dell	inspiron_5620_firmware	< 1.4.1	1.4.1
dell	inspiron_7420_firmware	< 1.3.0	1.3.0
dell	inspiron_7620_firmware	< 1.3.0	1.3.0
dell	optiplex_3000_firmware	< 1.1.66	1.1.66
dell	optiplex_3000_thin_client_firmware	< 1.0.7	1.0.7
dell	optiplex_5000_firmware	< 1.3.62	1.3.62
dell	optiplex_5400_firmware	< 1.0.13	1.0.13
dell	optiplex_7000_firmware	< 1.3.62	1.3.62
dell	optiplex_7000_oem_firmware	< 1.3.62	1.3.62
dell	optiplex_7400_firmware	< 1.0.13	1.0.13
dell	precision_3460_small_form_factor_firmware	< 1.3.62	1.3.62
dell	precision_3660_tower_firmware	< 1.3.71	1.3.71
dell	precision_5770_firmware	< 1.6.0	1.6.0
dell	vostro_3710_firmware	< 1.1.66	1.1.66
dell	vostro_3910_firmware	< 1.1.66	1.1.66
dell	vostro_5320_firmware	< 1.1.0	1.1.0
dell	vostro_5620_firmware	< 1.4.1	1.4.1
dell	vostro_7620_firmware	< 1.2.0	1.2.0