Buffer overflow

2023-08-1717:15:00

PRIOn knowledge base

www.prio-n.com

buffer overflow

lenovo thinkpad

driver vulnerability

arbitrary code execution

local access

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

CPENameOperatorVersion
k14_type_21cu_firmwarelt1.12
k14_type_21cv_firmwarelt1.12
thinkpad_e14_gen_3_firmwarelt1.15
thinkpad_e15_gen_3_firmwarelt1.15
thinkpad_l13_gen_2_firmwarelt1.30
thinkpad_l13_gen_3_firmwarelt1.19
thinkpad_l13_gen_4_firmwarelt1.10
thinkpad_l13_yoga_gen_2_firmwarelt1.30
thinkpad_l13_yoga_gen_3_firmwarelt1.19
thinkpad_l13_yoga_gen_4_firmwarelt1.10

Name	Operator	Version
k14_type_21cu_firmware	lt	1.12
k14_type_21cv_firmware	lt	1.12
thinkpad_e14_gen_3_firmware	lt	1.15
thinkpad_e15_gen_3_firmware	lt	1.15
thinkpad_l13_gen_2_firmware	lt	1.30
thinkpad_l13_gen_3_firmware	lt	1.19
thinkpad_l13_gen_4_firmware	lt	1.10
thinkpad_l13_yoga_gen_2_firmware	lt	1.30
thinkpad_l13_yoga_gen_3_firmware	lt	1.19
thinkpad_l13_yoga_gen_4_firmware	lt	1.10