CVE-2022-31222

LOW

Dell BIOS - Memory Corruption

Title source: llm

Description

Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash.

References (1)

Scores

CVSS v3 2.3
EPSS 0.0004
EPSS Percentile 13.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Classification

CWE
CWE-772 CWE-401
Status published

Affected Products (25)

dell/chengming_3900_firmware < 1.1.66
dell/inspiron_14_plus_7420_firmware < 1.2.0
dell/inspiron_16_plus_7620_firmware < 1.2.0
dell/inspiron_3910_firmware < 1.1.66
dell/inspiron_5320_firmware < 1.1.0
dell/inspiron_5420_firmware < 1.4.1
dell/inspiron_5620_firmware < 1.4.1
dell/inspiron_7420_firmware < 1.3.0
dell/inspiron_7620_firmware < 1.3.0
dell/optiplex_3000_firmware < 1.1.66
dell/optiplex_3000_thin_client_firmware < 1.0.7
dell/optiplex_5000_firmware < 1.3.62
dell/optiplex_5400_firmware < 1.0.13
dell/optiplex_7000_firmware < 1.3.62
dell/optiplex_7000_oem_firmware < 1.3.62
... and 10 more

Timeline

Published Sep 12, 2022
Tracked Since Feb 18, 2026