Описание
Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:lenovo:resuce_and_recovery:4.20:*:*:*:*:*:*:*
cpe:2.3:a:lenovo:resuce_and_recovery:4.20.0511:*:*:*:*:*:*:*
cpe:2.3:a:lenovo:resuce_and_recovery:4.20.0512:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00094
Низкий
7.2 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name.
EPSS
Процентиль: 27%
0.00094
Низкий
7.2 High
CVSS2
Дефекты
CWE-119