Lenovo Security Advisory: LEN-14440
Potential Impact: A local user could alter trackpoint functionality on the system
Severity: Low
Scope of Impact: Lenovo-specific
CVE Identifier: CVE-2017-3741
Summary Description:
During an internal review, a vulnerability was identified in the Lenovo Power Management driver versions 1.67.12.19 through 1.67.12.23 that could allow a local user to alter the trackpointโs firmware and stop the trackpoint from functioning correctly. This issue only affects ThinkPad X1 Carbon 5th generation.
Mitigation Strategy for Customers (what you should do to protect yourself):
Update the Lenovo Power Management driver to version 1.67.12.24 by clicking here.