CVE-2022-1891

Description

A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

Related CPE's

olenovothinkbook_14-iml_firmware********

hlenovothinkbook_14-iml-*******

olenovothinkbook_14-iil_firmware********

hlenovothinkbook_14-iil-*******

olenovothinkbook_15-iil_firmware********

hlenovothinkbook_15-iil-*******

olenovothinkbook_15-iml_firmware********

hlenovothinkbook_15-iml-*******

olenovoyoga_c640-13iml_lte_firmware********

hlenovoyoga_c640-13iml_lte-*******

References

https://support.lenovo.com/us/en/product_security/LEN-91369

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io