CVE-2023-39281 Information

Description

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.

Reference

https://www.insyde.com/security-pledge https://www.insyde.com/security-pledge/SA-2023054