Lenovo Security Advisory: LEN-23156
**Potential Impact:**Privilege escalation
Severity: Medium
Scope of Impact: Industry-wide
**CVE Identifier:**CVE-2018-15532
Summary Description:
Synaptics has informed Lenovo of a vulnerability in the Synaptics TouchPad driver. The driver can reveal freed kernel memory addresses through the driver API. This makes kernel address space layout randomization, the defense mechanism implemented in the OS, inefficient and an exploit could potentially mount kernel level attacks to the OS.
Mitigation Strategy for Customers (what you should do to protect yourself):
Synaptics recommends customers update to the driver version listed for your product below, or later.