CVE-2022-1890
CVE-2022-1890 affects Lenovo Notebook products via a buffer overflow in the ReadyBootDxe driver (and related drivers ReadyBootDxe/SystemLoadDefaultDxe/SystemBootManagerDxe). The root cause is insufficient validation of an NVRAM variable (DataSize), enabling local-privilege arbitrary code executio...