Back

CVE-2024-27353

May 15, 2024, 4:40 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Insyde InsydeH2O kernel

  • 5.2 before 05.29.09
  • 5.3 before 05.38.09
  • 5.4 before 05.46.09
  • 5.5 before 05.54.09
  • 5.6 before 05.61.09

Insyde InsydeH2O

  • 5.2 before 05.29.09
  • 5.3 before 05.38.09
  • 5.4 before 05.46.09
  • 5.5 before 05.54.09
  • 5.6 before 05.61.09

Source

cve@mitre.org

Tags

cve@mitre.org
2024-05-15
CVE-2024-27353

CVE-2024-27353 details

Published : May 15, 2024, 3:15 p.m.
Last Modified : May 15, 2024, 4:40 p.m.

Description

A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://www.insyde.com/security-pledge cve@mitre.org
https://www.insyde.com/security-pledge/SA-2024001 cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.