7.8
CWE
120 122 119
Advisory Published
Updated

CVE-2022-1892: Buffer Overflow

First published: Mon Jan 23 2023(Updated: )

A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

Credit: psirt@lenovo.com

Affected SoftwareAffected VersionHow to fix
Lenovo 100e 2nd Gen Firmware<frcn23ww
Lenovo 100e 2nd Gen
Lenovo 100w Gen 3 Firmware<gacn38ww
Lenovo 100w Gen 3
Lenovo 13w Yoga Firmware<jacn31ww
Lenovo 13w Yoga
Lenovo 14w Gen 2 Firmware<h0cn21ww
Lenovo 14w Gen 2
Lenovo 300e 2nd Gen Firmware<frcn23ww
Lenovo 300e 2nd Gen
Lenovo 300w Gen 3 Firmware<gacn38ww
Lenovo 300w Gen 3
Lenovo 500w Gen 3 Firmware<g6cn40ww
Lenovo 500w Gen 3
Lenovo 730s-13iml Firmware<brcn20ww
Lenovo 730s-13iml
Lenovo Flex 3-11ada05 Firmware<fpcn26ww
Lenovo Flex 3-11ada05
Lenovo Flex 5-14alc05 Firmware<gjcn27ww
Lenovo Flex 5-14alc05
Lenovo Flex 5-14are05 Firmware<eecn39ww
Lenovo Flex 5-14are05
Lenovo Flex 5-14iil05 Firmware<eecn40ww
Lenovo Flex 5-14iil05
Lenovo Flex 5-14itl05 Firmware<fxcn38ww
Lenovo Flex 5-14itl05
Lenovo Flex 5-15alc05 Firmware<gjcn27ww
Lenovo Flex 5-15alc05
Lenovo Flex 5-15iil05 Firmware<eccn40ww
Lenovo Flex 5-15iil05
Lenovo Flex 5-15itl05 Firmware<fxcn38ww
Lenovo Flex 5-15itl05
Lenovo Ideapad 1-11ada05 Firmware<fqcn26ww
Lenovo Ideapad 1-11ada05
Lenovo Ideapad 1-11igl05 Firmware<dwcn24ww
Lenovo Ideapad 1-11igl05
Lenovo Ideapad 1-14ada05 Firmware<fqcn26ww
Lenovo Ideapad 1-14ada05
Lenovo Ideapad 1-14igl05 Firmware<dwcn24ww
Lenovo Ideapad 1-14igl05
Lenovo Ideapad 3-15ada05 Firmware<e8cn36ww
Lenovo Ideapad 3-15ada05
Lenovo Ideapad 3-14ada05 Firmware<e8cn36ww
Lenovo Ideapad 3-14ada05
Lenovo Ideapad 3-14ada6 Firmware<hbcn24ww
Lenovo Ideapad 3-14ada6
Lenovo Ideapad 3-14alc6 Firmware<glcn48ww
Lenovo Ideapad 3-14alc6
Lenovo Ideapad 3-15ada6 Firmware<hbcn24ww
Lenovo Ideapad 3-15ada6
Lenovo Ideapad 3-15alc6 Firmware<glcn48ww
Lenovo Ideapad 3-15alc6
Lenovo Ideapad 3-17alc6 Firmware<e8cn36ww
Lenovo Ideapad 3-17alc6
Lenovo Ideapad 3-17ada05 Firmware<hbcn24ww
Lenovo Ideapad 3-17ada05
Lenovo Ideapad 3-17ada6 Firmware<glcn48ww
Lenovo Ideapad 3-17ada6
Lenovo Ideapad 5 15aba7 Firmware<kacn14ww
Lenovo Ideapad 5 15aba7
Lenovo Ideapad Flex 5 14alc7 Firmware<jccn29ww
Lenovo Ideapad Flex 5 14alc7
Lenovo Ideapad Flex 5 16alc7 Firmware<jccn29ww
Lenovo Ideapad Flex 5 16alc7
Lenovo Legion S7-15imh5 Firmware<hacn37ww
Lenovo Legion S7-15imh5
Lenovo Legion S7-15ach6 Firmware<g1cn27ww
Lenovo Legion S7-15ach6
Lenovo Legion S7-15arh5 Firmware<fdcn40ww
Lenovo Legion S7-15arh5
Lenovo S145-14api Firmware<bucn33ww
Lenovo S145-14api
Lenovo S145-14ast Firmware<aycn28ww
Lenovo S145-14ast
Lenovo S145-15api Firmware<bucn33ww
Lenovo S145-15api
Lenovo S145-15ast Firmware<aycn28ww
Lenovo S145-15ast
Lenovo S540-13api Firmware<cxcn36ww
Lenovo S540-13api
Lenovo Ideapad S940-14iil Firmware<bqcn34ww
Lenovo Ideapad S940-14iil
Lenovo Yoga S940-14iil Firmware<bqcn34ww
Lenovo Yoga S940-14iil
Lenovo Ideapad Slim 1-14ast-05 Firmware<cwcn25ww
Lenovo Ideapad Slim 1-14ast-05
Lenovo Ideapad Slim 1-11ast-05 Firmware<cwcn25ww
Lenovo Ideapad Slim 1-11ast-05
Lenovo Thinkbook 13s G3 Acn Firmware<gmcn29ww
Lenovo Thinkbook 13s G3 Acn
Lenovo Thinkbook 13s G2 Are Firmware<fvcn24ww
Lenovo Thinkbook 13s G2 Are
Lenovo Thinkbook 13s G2 Itl Firmware<f9cn50ww
Lenovo Thinkbook 13s G2 Itl
Lenovo Thinkbook 13s-iml Firmware<cqcn37ww
Lenovo Thinkbook 13s-iml
Lenovo Thinkbook 14-iil Firmware<djcn28ww
Lenovo Thinkbook 14-iil
Lenovo Thinkbook 14-iml Firmware<cjcn38ww
Lenovo Thinkbook 14-iml
Lenovo Thinkbook 14p G2 Ach Firmware<gwcn41ww
Lenovo Thinkbook 14p G2 Ach
Lenovo Thinkbook 14s G2 Itl Firmware<f9cn50ww
Lenovo Thinkbook 14s G2 Itl
Lenovo Thinkbook 14s-iml Firmware<cqcn37ww
Lenovo Thinkbook 14s-iml
Lenovo Thinkbook 15-iil Firmware<djcn28ww
Lenovo Thinkbook 15-iil
Lenovo Thinkbook 15-iml Firmware<cjcn38ww
Lenovo Thinkbook 15-iml
Lenovo Thinkbook 16p G2 Ach Firmware<gxcn42ww
Lenovo Thinkbook 16p G2 Ach
Lenovo V130-15ikb Firmware<8vcn31ww
Lenovo V130-15ikb
Lenovo V14 G2-alc Firmware<glcn48ww
Lenovo V14 G2-alc
Lenovo V14-ada Firmware<e8cn36ww
Lenovo V14-ada
Lenovo V15 G2-alc Firmware<glcn48ww
Lenovo V15 G2-alc
Lenovo V15-ada Firmware<e8cn36ww
Lenovo V15-ada
Lenovo Yoga 9-15imh5 Firmware<epcn28ww
Lenovo Yoga 9-15imh5
Lenovo Yoga C640-13iml Firmware<chcn28ww
Lenovo Yoga C640-13iml
Lenovo Yoga C640-13iml Lte Firmware<chcn28ww
Lenovo Yoga C640-13iml Lte
Lenovo Yoga C940-15irh Firmware<bscn37ww
Lenovo Yoga C940-15irh
Lenovo Yoga S730-13iml Firmware<brcn20ww
Lenovo Yoga S730-13iml
Lenovo Yoga Slim 7 Pro-14ach5 Firmware<gzcn29ww
Lenovo Yoga Slim 7 Pro-14ach5
Lenovo Yoga Slim 7 Pro-14ach5 O Firmware<gzcn29ww
Lenovo Yoga Slim 7 Pro-14ach5 O
Lenovo Yoga Slim 7 Pro-14arh5 Firmware<gzcn24ww
Lenovo Yoga Slim 7 Pro-14arh5
Lenovo Ideapad 5-15alc05 Firmware<h2cn27ww
Lenovo Ideapad 5-15alc05

Remedy

Update system firmware to the version (or newer) indicated for your model in the product Impact section of LEN-91369

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203