First published: Wed May 18 2022(Updated: )
A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Lenovo Smart Standby Driver | <4.1.50.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-1110.
The title of the vulnerability is 'A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow…'.
The vulnerability is a buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 that could allow a local attacker to cause denial of service.
The affected software is Lenovo Smart Standby Driver versions up to and excluding 4.1.50.0.
The severity of the vulnerability is medium with a CVSS score of 5.5.
To fix the vulnerability, update Lenovo Smart Standby Driver to version 4.1.50.0 or later.
You can find more information about the vulnerability at the following link: https://support.lenovo.com/us/en/product_security/LEN-79452
The Common Weakness Enumerations (CWE) associated with the vulnerability are CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input).