CVE-2024-52877

EUVD-2024-54545

15.05.2025, 16:15

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, callback function SmmCreateVariableLockList () calls CreateVariableLockListInSmm (). In CreateVariableLockListInSmm (), it uses StrSize () to get variable name size and it could lead to a buffer over-read.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA-ADP	ADP	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 23%

Affected Products (NVD)

Vendor	Product	Version
insyde	insydeh2o	5.2 ≤ 𝑥 < 5.2.05.29.50
insyde	insydeh2o	5.3 ≤ 𝑥 < 5.3.05.38.50
insyde	insydeh2o	5.4 ≤ 𝑥 < 5.4.05.46.50
insyde	insydeh2o	5.5 ≤ 𝑥 < 5.5.05.54.50
insyde	insydeh2o	5.6 ≤ 𝑥 < 5.6.05.61.50
insyde	insydeh2o	5.7 ≤ 𝑥 < 5.7.05.70.50

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-126 - Buffer Over-read
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References

https://www.insyde.com/security-pledge

https://www.insyde.com/security-pledge/sa-2024016/