Skip to main content

CVE-2021-45971

Description

An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer (CommBufferData).

nvd
CVE ID: CVE-2021-45971
Base Score: 8.2
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Impact Score: 6.0
Exploitability Score: 1.5

Refrence: NVD