ThinkPad X13s: BIOS Update fixes vulnerabilities

Sicherheit (Pexels, allgemeine Nutzung)[German]Lenovo has pointed out a number of vulnerabilities in the BIOS of the ThinkPad X13s in a security announcement. These allow memory corruption and information disclosure. A BIOS update is available to close the vulnerabilities.


Advertising

Lenovo lists the following vulnerabilities that allow memory corruption and information disclosure in this security advisory.

  • CVE-2022-40516
  • CVE-2022-40517
  • CVE-2022-40518
  • CVE-2022-40519
  • CVE-2022-40520
  • CVE-2022-4432
  • CVE-2022-4433
  • CVE-2022-4434
  • CVE-2022-4435

Lenovo states the following impact of these vulnerabilities:

  • CVE-2022-40516, CVE-2022-40517, CVE-2022-40520: Qualcomm reported several stack-based buffer overflow vulnerabilities in Qualcomm BIOS that could allow a local attacker with elevated privileges to cause memory corruption.
  • CVE-2022-40518, CVE-2022-40519: Qualcomm reported several buffer over-read vulnerabilities in Qualcomm BIOS that could allow a local attacker with elevated privileges to cause information disclosure.
  • CVE-2022-4432, CVE-2022-4433, CVE-2022-4434, CVE-2022-4435: Several buffer over-read vulnerabilities were reported in ThinkPad X13s BIOS that could allow a local attacker with elevated privileges to cause information disclosure.

To close the vulnerabilities, a ThinkPad X13s BIOS update to version 1.47 (N3HET75W) or newer should be performed.  (via)


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in computer, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *