In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows.
References
Link | Resource |
---|---|
https://support.lenovo.com/us/en/solutions/LEN-24374 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2018-11-27 14:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-16091
Mitre link : CVE-2018-16091
CVE.ORG link : CVE-2018-16091
JSON object : View
Products Affected
lenovo
- thinksystem_modular_enclosure_7x22
- thinkagile_hx_enclosure_7x81
- thinkagile_vx_enclosure_7y11
- system_management_module_firmware
- thinkagile_vx_enclosure_7y91
- thinksystem_d2_enclosure_7x20
- thinkagile_hx_enclosure_7y87
- thinkagile_hx_enclosure_7z02
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer