CVE-2019-6192: Buffer Overflow
First published: Tue Dec 10 2019(Updated: )
A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.
Credit: psirt@lenovo.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lenovo Power Management Driver | <1.67.17.48 | |
| Lenovo ThinkPad 13 2nd Gen Firmware | ||
| Lenovo ThinkPad 25 Firmware | ||
| Lenovo ThinkPad A275 Firmware | ||
| Lenovo ThinkPad A285 Firmware | ||
| Lenovo ThinkPad A475 Firmware | ||
| Lenovo ThinkPad A485 Firmware | ||
| Lenovo Thinkpad E14 | ||
| Lenovo ThinkPad E15 | ||
| Lenovo ThinkPad E470 | ||
| Lenovo ThinkPad E470c | ||
| Lenovo ThinkPad E475 Firmware | ||
| Lenovo ThinkPad E480 | ||
| Lenovo ThinkPad E490 | ||
| Lenovo ThinkPad E495 | ||
| Lenovo ThinkPad E570 Firmware | ||
| Lenovo ThinkPad E570c | ||
| Lenovo ThinkPad E575 Firmware | ||
| Lenovo Thinkpad E580 | ||
| Lenovo ThinkPad E590 | ||
| Lenovo ThinkPad E595 | ||
| Lenovo ThinkPad L13 | ||
| Lenovo ThinkPad L13 Yoga Gen 1 | ||
| Lenovo ThinkPad L380 | ||
| Lenovo ThinkPad L380 Yoga Firmware | ||
| Lenovo Thinkpad L390 Firmware | ||
| Lenovo ThinkPad L390 Yoga Firmware | ||
| Lenovo ThinkPad L470 Firmware | ||
| Lenovo ThinkPad L480 | ||
| Lenovo ThinkPad L490 Firmware | ||
| Lenovo ThinkPad L570 Firmware | ||
| Lenovo ThinkPad L580 Firmware | ||
| Lenovo ThinkPad L590 Firmware | ||
| Lenovo ThinkPad P1 Firmware | ||
| Lenovo Thinkpad P1 Gen 2 | ||
| Lenovo Thinkpad P43s Firmware | ||
| Lenovo ThinkPad P51 | ||
| Lenovo ThinkPad P51s Firmware | ||
| Lenovo ThinkPad P52 | ||
| Lenovo ThinkPad P52s Firmware | ||
| Lenovo ThinkPad P53s | ||
| Lenovo ThinkPad P53s Firmware | ||
| Lenovo ThinkPad P7 | ||
| Lenovo ThinkPad P72 Firmware | ||
| Lenovo ThinkPad P73 Firmware | ||
| Lenovo ThinkPad R14 | ||
| Lenovo ThinkPad R480 | ||
| Lenovo ThinkPad S1 Gen 4 | ||
| Lenovo ThinkPad S2 Gen 2 | ||
| Lenovo ThinkPad S2 Gen 5 | ||
| Lenovo ThinkPad S2 Yoga Gen 5 | ||
| Lenovo ThinkPad S3 Gen 2 Firmware | ||
| Lenovo ThinkPad S5 2nd Generation | ||
| Lenovo ThinkPad T470p | ||
| Lenovo ThinkPad T470p | ||
| Lenovo ThinkPad T470s Firmware | ||
| Lenovo ThinkPad T480 | ||
| Lenovo ThinkPad T480s Firmware | ||
| Lenovo ThinkPad T490 (20QX) | ||
| Lenovo ThinkPad T490s Firmware | ||
| Lenovo ThinkPad T495 Drift Firmware | ||
| Lenovo ThinkPad T570 Firmware | ||
| Lenovo ThinkPad T580 | ||
| Lenovo ThinkPad T590 | ||
| Lenovo ThinkPad X1 Carbon 5 | ||
| Lenovo ThinkPad X1 Carbon Gen 6 Firmware | ||
| Lenovo ThinkPad X1 Carbon 7th Gen | ||
| Lenovo ThinkPad X1 Extreme (20MX) | ||
| Lenovo ThinkPad X1 Extreme (2nd Gen) | ||
| Lenovo ThinkPad X1 Tablet Gen 2 | ||
| Lenovo ThinkPad X1 Tablet Gen 3 Firmware | ||
| Lenovo ThinkPad X1 Yoga Gen 2 Firmware | ||
| Lenovo ThinkPad X1 Yoga | ||
| Lenovo ThinkPad X1 Yoga 4th Gen | ||
| Lenovo ThinkPad X270 | ||
| Lenovo ThinkPad X280 | ||
| Lenovo ThinkPad X380 Yoga | ||
| Lenovo ThinkPad X390 Yoga | ||
| Lenovo ThinkPad X390 Yoga Firmware | ||
| Lenovo ThinkPad x395 firmware | ||
| Lenovo ThinkPad Yoga 370 Firmware |
Remedy
Update to Lenovo Power Management driver version 1.67.17.48 or higher.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-6192?
CVE-2019-6192 has a high severity due to its potential to cause a denial of service through a buffer overflow.
How do I fix CVE-2019-6192?
To fix CVE-2019-6192, update the Lenovo Power Management Driver to version 1.67.17.48 or newer.
Which versions are affected by CVE-2019-6192?
CVE-2019-6192 affects Lenovo Power Management Driver versions prior to 1.67.17.48.
What systems are impacted by CVE-2019-6192?
Systems using vulnerable versions of the Lenovo Power Management Driver are impacted by CVE-2019-6192.
What type of vulnerability is CVE-2019-6192?
CVE-2019-6192 is a buffer overflow vulnerability that can lead to denial of service.
- agent/references
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/lenovo
- canonical/lenovo power management driver
- canonical/lenovo thinkpad 13 2nd gen firmware
- canonical/lenovo thinkpad 25 firmware
- canonical/lenovo thinkpad a275 firmware
- canonical/lenovo thinkpad a285 firmware
- canonical/lenovo thinkpad a475 firmware
- canonical/lenovo thinkpad a485 firmware
- canonical/lenovo thinkpad e14
- canonical/lenovo thinkpad e15
- canonical/lenovo thinkpad e470
- canonical/lenovo thinkpad e470c
- canonical/lenovo thinkpad e475 firmware
- canonical/lenovo thinkpad e480
- canonical/lenovo thinkpad e490
- canonical/lenovo thinkpad e495
- canonical/lenovo thinkpad e570 firmware
- canonical/lenovo thinkpad e570c
- canonical/lenovo thinkpad e575 firmware
- canonical/lenovo thinkpad e580
- canonical/lenovo thinkpad e590
- canonical/lenovo thinkpad e595
- canonical/lenovo thinkpad l13
- canonical/lenovo thinkpad l13 yoga gen 1
- canonical/lenovo thinkpad l380
- canonical/lenovo thinkpad l380 yoga firmware
- canonical/lenovo thinkpad l390 firmware
- canonical/lenovo thinkpad l390 yoga firmware
- canonical/lenovo thinkpad l470 firmware
- canonical/lenovo thinkpad l480
- canonical/lenovo thinkpad l490 firmware
- canonical/lenovo thinkpad l570 firmware
- canonical/lenovo thinkpad l580 firmware
- canonical/lenovo thinkpad l590 firmware
- canonical/lenovo thinkpad p1 firmware
- canonical/lenovo thinkpad p1 gen 2
- canonical/lenovo thinkpad p43s firmware
- canonical/lenovo thinkpad p51
- canonical/lenovo thinkpad p51s firmware
- canonical/lenovo thinkpad p52
- canonical/lenovo thinkpad p52s firmware
- canonical/lenovo thinkpad p53s
- canonical/lenovo thinkpad p53s firmware
- canonical/lenovo thinkpad p7
- canonical/lenovo thinkpad p72 firmware
- canonical/lenovo thinkpad p73 firmware
- canonical/lenovo thinkpad r14
- canonical/lenovo thinkpad r480
- canonical/lenovo thinkpad s1 gen 4
- canonical/lenovo thinkpad s2 gen 2
- canonical/lenovo thinkpad s2 gen 5
- canonical/lenovo thinkpad s2 yoga gen 5
- canonical/lenovo thinkpad s3 gen 2 firmware
- canonical/lenovo thinkpad s5 2nd generation
- canonical/lenovo thinkpad t470p
- canonical/lenovo thinkpad t470s firmware
- canonical/lenovo thinkpad t480
- canonical/lenovo thinkpad t480s firmware
- canonical/lenovo thinkpad t490 (20qx)
- canonical/lenovo thinkpad t490s firmware
- canonical/lenovo thinkpad t495 drift firmware
- canonical/lenovo thinkpad t570 firmware
- canonical/lenovo thinkpad t580
- canonical/lenovo thinkpad t590
- canonical/lenovo thinkpad x1 carbon 5
- canonical/lenovo thinkpad x1 carbon gen 6 firmware
- canonical/lenovo thinkpad x1 carbon 7th gen
- canonical/lenovo thinkpad x1 extreme (20mx)
- canonical/lenovo thinkpad x1 extreme (2nd gen)
- canonical/lenovo thinkpad x1 tablet gen 2
- canonical/lenovo thinkpad x1 tablet gen 3 firmware
- canonical/lenovo thinkpad x1 yoga gen 2 firmware
- canonical/lenovo thinkpad x1 yoga
- canonical/lenovo thinkpad x1 yoga 4th gen
- canonical/lenovo thinkpad x270
- canonical/lenovo thinkpad x280
- canonical/lenovo thinkpad x380 yoga
- canonical/lenovo thinkpad x390 yoga
- canonical/lenovo thinkpad x390 yoga firmware
- canonical/lenovo thinkpad x395 firmware
- canonical/lenovo thinkpad yoga 370 firmware