CVE-2024-52880

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, SecureBootHandler uses DataSize and VariableNameSize when determining if the data or name are in the buffer, but these are supplied by the caller and therefore cannot be trusted.

CVSS v3 7.9 HIGH

7.9^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 5.8

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.insyde.com/security-pledge
https://www.insyde.com/security-pledge/sa-2024016/

Configurations

No configuration.

History

16 May 2025, 15:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.9
CWE		CWE-20

16 May 2025, 14:43

Type	Values Removed	Values Added
Summary		(es) Se detectó un problema en Insyde InsydeH2O en las versiones del kernel 5.2 anterior a la 05.29.50, 5.3 anterior a la 05.38.50, 5.4 anterior a la 05.46.50, 5.5 anterior a la 05.54.50, 5.6 anterior a la 05.61.50 y 5.7 anterior a la 05.70.50. En el controlador VariableRuntimeDxe, SecureBootHandler utiliza DataSize y VariableNameSize para determinar si los datos o el nombre están en el búfer, pero estos son proporcionados por el emisor y, por lo tanto, no son confiables.

15 May 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-15 16:15

Updated : 2025-05-16 15:15

NVD link : CVE-2024-52880

Mitre link : CVE-2024-52880

CVE.ORG link : CVE-2024-52880

JSON object : View

Products Affected

No product.

CWE

CWE-20

Improper Input Validation

7.9 /10