Insyde's Security Pledge
Insyde Security Advisory 2022005
|Insyde ID||Advisory Category||Impact of Vulnerability||Severity Rating||Original Date||Last Revised|
SdLegacySmm: Software SMI handler does not verify CommBuffer, allowing untrusted external input (CVE-2020-5956)
This corresponds to CVE-2020-5956. It affects the driver SdLegacySmm. It was discovered by an external researcher. It was fixed in the following versions: Kernel 5.1: 05.15.11, Kernel 5.2: 05.25.11, Kernel 5.3: 05.34.11, Kernel 5.4: 05.42.11, Kernel 5.5: Unaffected
Insyde Software would like to thank Jiawei Yin @yngweijw for reporting this issue.
|1.1||02/08/2022||Added CVSS Rating|