CVE-2022-1891
CVE-2022-1891 concerns a buffer overflow in Lenovo Notebook firmware, specifically the SystemLoadDefaultDxe driver (also involving ReadyBootDxe and SystemBootManagerDxe). The root cause is insufficient validation of an NVRAM DataSize variable, enabling local privilege escalation to arbitrary code...