Multiple vulnerabilities in AMI file system drivers

Background

The same malformed file system structures can cause problems in independently developed file system parsers…

For example, missing boundary checks when parsing the NTFS update sequence array led to two previously disclosed vulnerabilities: one in the ntfsck tool (from the ntfs-3g package), CVE-2021-46790, and one in the 7-Zip archiver, CVE-2023-52168.

Now there is a third entry in that list: CVE-2022-29974.

This one is a pool-based buffer overflow in the AMI NTFS driver, and it has the same root cause as the two vulnerabilities mentioned above. Interestingly, it took more than two years for the fix to reach downstream firmware updates…
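To make the shared root cause concrete, here is an added C example of applying NTFS fixups (the update sequence array) with the boundary checks whose absence is described above. It is written for this page and is not code from AMI, ntfs-3g or 7-Zip. The header layout (usa_ofs at byte 4, usa_count at byte 6, one saved 16-bit value per 512-byte sector) follows the NTFS on-disk format; the record contents, the USN value 0x1234 and the function names are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define NTFS_SECTOR_SIZE 512u
#define REC_LEN          1024u   /* a typical two-sector MFT FILE record */

/* On-disk fields are little-endian and may be unaligned. */
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static void put_le16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }

/*
 * Apply the update sequence array (USA) of a multi-sector NTFS record held in
 * rec[0..rec_len).  The USA holds usa_count LE16 values: the update sequence
 * number (USN) followed by one saved value per sector.  On disk the last two
 * bytes of every sector are overwritten with the USN; reading the record back
 * means verifying each sector still ends with the USN and restoring the saved
 * value.  A parser that simply loops usa_count times, trusting the on-disk
 * usa_ofs/usa_count, reads and writes past the record buffer on corrupt input;
 * the checks below are what such a parser is missing.
 * Returns 0 on success, -1 on an inconsistent header or a USN mismatch.
 */
int ntfs_apply_fixups(uint8_t *rec, size_t rec_len)
{
    if (rec_len < NTFS_SECTOR_SIZE || rec_len % NTFS_SECTOR_SIZE != 0)
        return -1;

    size_t usa_ofs   = le16(rec + 4);   /* size_t: no 16-bit wrap below */
    size_t usa_count = le16(rec + 6);

    /* Exactly one USN plus one saved value per sector of this record. */
    if (usa_count != rec_len / NTFS_SECTOR_SIZE + 1)
        return -1;
    /* Array starts after the two header fields, is 2-byte aligned, and fits
       inside the first sector ahead of that sector's own fixup slot. */
    if (usa_ofs < 8 || (usa_ofs & 1) ||
        usa_ofs + usa_count * 2 > NTFS_SECTOR_SIZE - 2)
        return -1;

    uint16_t usn = le16(rec + usa_ofs);
    for (size_t i = 1; i < usa_count; i++) {
        uint8_t *slot = rec + i * NTFS_SECTOR_SIZE - 2;  /* end of sector i-1 */
        if (le16(slot) != usn)
            return -1;                                   /* torn write */
        put_le16(slot, le16(rec + usa_ofs + i * 2));
    }
    return 0;
}

/* Constructed test record (not from a real disk): USA at offset 48,
   USN 0x1234, original sector-end bytes 0xAAAA and 0xBBBB. */
static void build_record(uint8_t *rec)
{
    memset(rec, 0, REC_LEN);
    memcpy(rec, "FILE", 4);
    put_le16(rec + 4, 48);        /* usa_ofs */
    put_le16(rec + 6, 3);         /* usa_count: USN + 2 sectors */
    put_le16(rec + 48, 0x1234);   /* USN */
    put_le16(rec + 50, 0xAAAA);   /* saved bytes 510..511 */
    put_le16(rec + 52, 0xBBBB);   /* saved bytes 1022..1023 */
    put_le16(rec + 510, 0x1234);  /* sector ends as written on disk */
    put_le16(rec + 1022, 0x1234);
}

/* Well-formed record: fixups applied and sector ends restored -> 1. */
int scenario_valid(void)
{
    uint8_t rec[REC_LEN];
    build_record(rec);
    return ntfs_apply_fixups(rec, REC_LEN) == 0 &&
           le16(rec + 510) == 0xAAAA && le16(rec + 1022) == 0xBBBB;
}

/* usa_count far beyond the record: an unchecked loop would write past rec[] -> rejected, 1. */
int scenario_huge_usa_count(void)
{
    uint8_t rec[REC_LEN];
    build_record(rec);
    put_le16(rec + 6, 0xFFFF);
    return ntfs_apply_fixups(rec, REC_LEN) == -1;
}

/* usa_ofs pointing outside the record -> rejected, 1. */
int scenario_usa_ofs_out_of_range(void)
{
    uint8_t rec[REC_LEN];
    build_record(rec);
    put_le16(rec + 4, 0xFFF0);
    return ntfs_apply_fixups(rec, REC_LEN) == -1;
}

/* Torn write: second sector no longer ends with the USN -> rejected, 1. */
int scenario_usn_mismatch(void)
{
    uint8_t rec[REC_LEN];
    build_record(rec);
    put_le16(rec + 1022, 0x4321);
    return ntfs_apply_fixups(rec, REC_LEN) == -1;
}

int main(void)
{
    printf("valid=%d huge_count=%d bad_ofs=%d torn=%d\n", scenario_valid(),
           scenario_huge_usa_count(), scenario_usa_ofs_out_of_range(), scenario_usn_mismatch());
    return 0;
}
```

Two details matter for the hardened version: the header fields are widened to size_t before any arithmetic so that usa_ofs + 2 * usa_count cannot wrap at 16 bits and slip past the comparison, and usa_count is required to equal the sector count plus one rather than merely being "small enough", because both the array reads and the per-sector writes are driven by it.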

This post covers five vulnerabilities discovered in the EFI file system drivers from AMI.
