CVE-2022-38087 — Vulnetix

CVE-2022-38087 PUBLISHED

BRLY-2022-028 Medium CVE-2022-38087 BINARLY efiXplorer team discovered that most enterprise vendors are affected by not correctly applying the Return Stack Buffer (RSB) stuffing mitigation logic before resuming from SMM (RSM instruction).

EPSS 0.05% · 17.5th percentile

Risk Scores

EPSS Score

0.05%

17.5th percentile

Timeline

Aug 15, 2022 CVE Published
May 11, 2023 EPSS Score
Jun 17, 2023 EPSS Score
Jul 23, 2023 EPSS Score
Aug 29, 2023 EPSS Score
Oct 5, 2023 EPSS Score
Nov 11, 2023 EPSS Score
Dec 17, 2023 EPSS Score
Jan 23, 2024 EPSS Score
Feb 29, 2024 EPSS Score
Apr 6, 2024 EPSS Score
May 12, 2024 EPSS Score

References

Absence or incomplete applying the Return Stack Buffer (RSB) stuffing mitigation logic before resuming from SMM advisory
Absence or incomplete applying the Return Stack Buffer (RSB) stuffing mitigation logic before resuming from SMM advisory

Open in Interactive Console →