[German]Lenovo has pointed out a number of vulnerabilities in the BIOS of the ThinkPad X13s in a security announcement. These allow memory corruption and information disclosure. A BIOS update is available to close the vulnerabilities.
Lenovo lists the following vulnerabilities that allow memory corruption and information disclosure in this security advisory.
Lenovo states the following impact of these vulnerabilities:
- CVE-2022-40516, CVE-2022-40517, CVE-2022-40520: Qualcomm reported several stack-based buffer overflow vulnerabilities in Qualcomm BIOS that could allow a local attacker with elevated privileges to cause memory corruption.
- CVE-2022-40518, CVE-2022-40519: Qualcomm reported several buffer over-read vulnerabilities in Qualcomm BIOS that could allow a local attacker with elevated privileges to cause information disclosure.
- CVE-2022-4432, CVE-2022-4433, CVE-2022-4434, CVE-2022-4435: Several buffer over-read vulnerabilities were reported in ThinkPad X13s BIOS that could allow a local attacker with elevated privileges to cause information disclosure.
Cookies helps to fund this blog: Cookie settings