CVE Vulnerabilities

CVE-2022-29264

Published: Apr 25, 2022 | Modified: Sep 30, 2022
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitrary code execution in SMM may occur.

Affected Software

Name Vendor Start Version End Version
Coreboot Coreboot 4.13 (including) 4.16 (including)
Coreboot Ubuntu kinetic *
Coreboot Ubuntu lunar *
Coreboot Ubuntu mantic *
Coreboot Ubuntu trusty *
Coreboot Ubuntu upstream *
Coreboot Ubuntu xenial *

References