Lenovo Security Advisory: LEN-29592
Potential Impact: Denial of service, privilege escalation, information disclosure
Severity: High
Scope of Impact: Industry-wide
CVE Identifier: CVE-2013-4312, CVE-2013-7446, CVE-2014-3631, CVE-2014-5206, CVE-2014-5207, CVE-2014-6410, CVE-2014-7145, CVE-2014-7822, CVE-2014-7970, CVE-2014-7975, CVE-2014-8160, CVE-2014-8559, CVE-2014-8989, CVE-2014-9420, CVE-2014-9529, CVE-2014-9728, CVE-2014-9729, CVE-2014-9730, CVE-2015-1333, CVE-2015-1350, CVE-2015-1805, CVE-2015-2925, CVE-2015-3288, CVE-2015-3339, CVE-2015-3636, CVE-2015-4167, CVE-2015-5706, CVE-2015-7613, CVE-2015-8215, CVE-2015-8816, CVE-2015-8964, CVE-2016-0723, CVE-2016-0728, CVE-2016-0758, CVE-2016-0823, CVE-2016-10208, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-4482, CVE-2016-5696, CVE-2016-6213, CVE-2016-6828, CVE-2016-7097, CVE-2016-7910, CVE-2016-7914, CVE-2016-7916, CVE-2016-8405, CVE-2016-8645, CVE-2016-9191, CVE-2017-1000253, CVE-2017-1000364, CVE-2017-13305, CVE-2017-14106, CVE-2017-15299, CVE-2017-16531, CVE-2017-16535, CVE-2017-17449, CVE-2017-17558, CVE-2017-17806, CVE-2017-18270, CVE-2017-2647, CVE-2017-2671, CVE-2017-5551, CVE-2017-5669, CVE-2017-5897, CVE-2017-7495, CVE-2017-7542, CVE-2017-7618, CVE-2017-8064, CVE-2017-9242, CVE-2018-1000026, CVE-2018-10087, CVE-2018-10124, CVE-2018-1066, CVE-2018-10876, CVE-2018-10877, CVE-2018-10880, CVE-2018-10881, CVE-2018-10882, CVE-2018-10883, CVE-2018-1092, CVE-2018-1093, CVE-2018-12896, CVE-2018-13053, CVE-2018-16884, CVE-2018-17972, CVE-2018-18281, CVE-2018-18344, CVE-2018-20169, CVE-2018-5344, CVE-2018-5953, CVE-2018-5995, CVE-2018-6927, CVE-2018-9422, CVE-2018-9568, CVE-2019-10638, CVE-2019-10639, CVE-2019-11190, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-11599, CVE-2019-11833, CVE-2019-12819, CVE-2019-13272, CVE-2019-3901, CVE-2019-5489, CVE-2019-9213
Summary Description:
AMI has released AMI MegaRAC SP-X Baseboard Management Controller (BMC) security enhancements to address Linux kernel vulnerabilities.
Mitigation Strategy for Customers (what you should do to protect yourself):
Upgrade to the BMC firmware version (or newer) indicated for your model in the Product Impact section below.
Product Impact:
To download the version specified for your product below, follow these steps:
Alternatively and if applicable for your product, you may use Lenovo Vantage or Windows Update to update to the latest available version. To confirm you are using the minimum fix version (or higher), go to Add/Remove Programs and check the version listed there.