Lenovo Security Advisory: LEN-29334
Potential Impact: Denial of Service
Severity: Medium
Scope of Impact: Lenovo-specific
CVE Identifier: CVE-2019-6192
Summary Description:
A potential vulnerability has been reported in the Lenovo Power Management Driver which could lead to a denial of service.
Mitigation Strategy for Customers (what you should do to protect yourself):
Update to Lenovo Power Management driver version 1.67.17.48 or higher for the following models:
ThinkPad 13 Gen 2 (Machine types: 20J1, 20J2)
ThinkPad 25
ThinkPad A275, A285, A475, A485
ThinkPad E14 (Machine types: 20RA, 20RB)
ThinkPad E15 (Machine types: 20RD, 20RE)
ThinkPad E470, E470c, E475, E480, E490, E495
ThinkPad E570, E570c, E575, E580, E590, E595
ThinkPad L13 (Machine types: 20R3, 20R4)
ThinkPad L13 Yoga (Machine types: 20R5, 20R6)
ThinkPad L380 (Machine types: 20M5, 20M6)
ThinkPad L380 Yoga (Machine types: 20M7, 20M8)
ThinkPad L390 (Machine types: 20NR, 20NS)
ThinkPad L390 Yoga (Machine types: 20NT, 20NU)
ThinkPad L470, L480, L490
ThinkPad L570, L580, L590
ThinkPad P1 (Machine types: 20MD, 20ME)
ThinkPad P1 Gen 2 (Machine types: 20QT, 20QU)
ThinkPad P43s (Machine types: 20RH, 20RJ)
ThinkPad P51, P51s, P52, P53, P52s, P53s
ThinkPad P71, P72
ThinkPad P73 (Machine types: 20QR, 20QS)
ThinkPad R14 (Machine types: 20RC)
ThinkPad R480
ThinkPad S1 Gen 4 (Machine types: 20LK, 20LL)
ThinkPad S2 Gen 2 (Machine types: 20J3)
ThinkPad S2 Gen 5 (Machine types: 20R7)
ThinkPad S2 Yoga Gen 5 (Machine types: 20R8)
ThinkPad S3 Gen 2 (Machine types: 20RG)
ThinkPad S5 Gen 2 (Machine types: 20JA)
ThinkPad T470, T470p, T470s
ThinkPad T480 (Machine types: 20L5, 20L6)
ThinkPad T480s (Machine types: 20L7, 20L8)
ThinkPad T490 (Machine types: 20N2,20N3,20Q9,20QH,20RY,20RX)
ThinkPad T490s (Machine types: 20NX, 20NY)
ThinkPad T495 (Machine types: 20NJ, 20NK)
ThinkPad T570 (Machine types: 20H9, 20HA)
ThinkPad T580 (Machine types: 20L9, 20LA)
ThinkPad T590 (Machine types: 20N4, 20N5)
ThinkPad X1 Carbon Gen 5 (Machine types: 20HQ,20HR,20K3,20K4)
ThinkPad X1 Carbon Gen 6 (Machine types: 20KH, 20KG)
ThinkPad X1 Carbon Gen 7 (Machine types: 20QD, 20QE, 20R1, 20R2)
ThinkPad X1 Tablet Gen 2 (Machine types: 20JB, 20JC)
ThinkPad X1 Tablet Gen 3 (Machine types: 20KJ, 20KK)
ThinkPad X1 Yoga Gen 2 (Machine types: 20JD,20JE,20JF,20JG)
ThinkPad X1 Yoga Gen 3 (Machine types: 20LD,20LE,20LF,20LG)
ThinkPad X1 Yoga Gen 4 (Machine types: 20QF, 20QG, 20SA ,20SB)
ThinkPad X1 Extreme (Machine types: 20MF, 20MG)
ThinkPad X1 Extreme 2nd (Machine types: 20QV, 20QW)
ThinkPad X270 (Machine types: 20HM, 20HN)
ThinkPad X280 (Machine types: 20KE, 20KF)
ThinkPad X380 Yoga (Machine types: 20LH, 20LJ)
ThinkPad X390 (Machine types: 20Q0, 20Q1)
ThinkPad X390 Yoga (Machine types: 20NN, 20NQ)
ThinkPad X395 (Machine types: 20NL, 20NM)
ThinkPad Yoga 370 (Machine types: 20JH, 20JJ)
Update to Lenovo Power Management driver version 1.67.16.42 or higher for the following models:
References:
Lenovo thanks Nassim Asrir for reporting this issue.
Revision History:
Revision | Date | Description |
---|---|---|
2 | 2020-01-15 | Added fix version for additional models |
1 | 2019-12-10 | Initial release |
For a complete list of all Lenovo Product Security Advisories, click here.
For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on an βas isβ basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.