CVE-2024-52878

HIGH

Insyde InsydeH2O 5.2-5.7 - Buffer Over-read in VariableRuntimeDxe VariableServicesSetVariable

Title source: llm
STIX 2.1

Description

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, VariableServicesSetVariable () can be called by gRT_>SetVariable () or the SmmSetSensitiveVariable () or SmmInternalSetVariable () from SMM. In VariableServicesSetVariable (), it uses StrSize () to get variable name size, uses StrLen () to get variable name length and uses StrCmp () to compare strings. These actions may cause a buffer over-read.

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.0040
EPSS Percentile 31.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-126
Status published
Products (1)
insyde/insydeh2o 5.2 - 5.2.05.29.50
Published May 15, 2025
Tracked Since Feb 18, 2026