CVE-2022-34390: DSA-2022-269: Dell Client Platform BIOS Security Update for Alienware Area-51 R4/R5
Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
Impact
High
Details
| Third-party Component | CVE(s) | More Information |
|---|---|---|
| Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT 2019.1 QSR Advisory | CVE-2019-0086, CVE-2019-0091, CVE-2019-0093 | INTEL-SA-00213 |
| 2019.2 IPU – Intel® CSME, Intel® SPS, Intel® TXE, Intel® AMT, Intel® PTT and Intel® DAL Advisory | CVE-2019-0169, CVE-2019-11147, CVE-2019-11104, CVE-2019-11090, CVE-2019-11087, CVE-2019-11101 | INTEL-SA-00241 |
| 2020.1 IPU – Intel® CSME, SPS, TXE, AMT, ISM and DAL Advisory | CVE-2020-0536, CVE-2020-0539, CVE-2020-0545 | INTEL-SA-00295 |
| 2020.2 IPU – Intel® CSME, SPS, TXE, AMT and DAL Advisory | CVE-2020-8745, CVE-2020-8705, CVE-2020-12303, CVE-2020-12355 | INTEL-SA-00391 |
| 2020.2 IPU – BIOS Advisory | CVE-2020-0587, CVE-2020-0591, CVE-2020-0592, CVE-2020-0593 | INTEL-SA-00358 |
| Intel BIOS Platform Sample Code Advisory | CVE-2020-8738, CVE-2020-8739, CVE-2020-8740, CVE-2020-8764 | INTEL-SA-00390 |
| 2021.1 IPU – Intel® CSME, SPS and LMS Advisory | CVE-2020-24507, CVE-2020-8703 | INTEL-SA-00459 |
| 2021.1 IPU – BIOS Advisory | CVE-2020-12358, CVE-2020-12360, CVE-2020-24486 | INTEL-SA-00463 |
| Intel BSSA DFT Advisory | CVE-2021-0144 | INTEL-SA-00525 |
| BIOS Reference Code Advisory | CVE-2021-0157 | INTEL-SA-00562 |
| 2021.2 IPU - Intel® Processor Breakpoint Control Flow Advisory | CVE-2021-0127 | Intel-SA-00532 |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2022-34390 | Dell BIOS contains a use of uninitialized variable vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2022-34391 | Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Dell Technologies recommends that all customers consider both the CVSS base score and any relevant temporal and environmental scores that may affect the potential severity of a particular security vulnerability.
Affected Products and Remediation
See the table below for Dell Client BIOS releases containing resolutions to these vulnerabilities. Dell recommends all customers update at the earliest opportunity.
Go to the Drivers and Downloads site for updates on the applicable products. To learn more, see Dell KB article Dell BIOS Updates, and download the update for your Dell computer.
Customers may use one of the Dell notification solutions to be notified and download driver, BIOS, and firmware updates automatically once available.
| Product | BIOS Update Version | BIOS Release Date |
|---|---|---|
| Alienware Area-51 R4 | 2.0.6 | 08/30/2022 |
| Alienware Area-51 R5 | 2.0.6 | 08/30/2022 |
Workarounds and Mitigations
None
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2022/09/30 | Initial Release |
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Additional Information
Dell Technologies would like to thank yngweijw for reporting CVE-2022-34390 and CVE-2022-34391.
30 Sep 2022
Related news
Gentoo Linux Security Advisory 202402-22 - Multiple vulnerabilities have been discovered in intel-microcode, the worst of which can lead to privilege escalation. Versions greater than or equal to 20230214_p20230212 are affected.
NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges.
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.
Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and escalation of privileges. An attacker could overwrite the function pointers in the EFI_BOOT_SERVICES table before the USB SMI handler triggers. (This is not exploitable from code running in the operating system.)
Ubuntu Security Notice 5535-1 - Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.
Ubuntu Security Notice 5486-1 - It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.
Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access.
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.