CVE-2023-43573
https://notcve.org/view.php?id=CVE-2023-43573
A buffer overflow was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code. Se informó un desbordamiento del búfer en el módulo LEMALLDriversConnectedEventHook en algunos productos de Lenovo Desktop que puede permitir que un atacante local con privilegios elevados ejecute código arbitrario. • https://support.lenovo.com/us/en/product_security/LEN-141775 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-43572
https://notcve.org/view.php?id=CVE-2023-43572
A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information. Se informó una lectura excesiva del búfer en el módulo BiosExtensionLoader en algunos productos de Lenovo Desktop que puede permitir que un atacante local con privilegios elevados revele información sensible. • https://support.lenovo.com/us/en/product_security/LEN-141775 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2023-45079
https://notcve.org/view.php?id=CVE-2023-45079
A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables. Se informó una vulnerabilidad de pérdida de memoria en el controlador SMM NvmramSmm que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM. • https://support.lenovo.com/us/en/product_security/LEN-141775 • CWE-125: Out-of-bounds Read •
CVE-2023-45078
https://notcve.org/view.php?id=CVE-2023-45078
A memory leakage vulnerability was reported in the DustFilterAlertSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables. Se informó una vulnerabilidad de pérdida de memoria en el controlador SMM DustFilterAlertSmm que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM. • https://support.lenovo.com/us/en/product_security/LEN-141775 • CWE-125: Out-of-bounds Read •
CVE-2023-45077
https://notcve.org/view.php?id=CVE-2023-45077
A memory leakage vulnerability was reported in the 534D0740 DXE driver that may allow a local attacker with elevated privileges to write to NVRAM variables. Se informó una vulnerabilidad de pérdida de memoria en el controlador DXE 534D0740 que puede permitir que un atacante local con privilegios elevados escriba en variables NVRAM. • https://support.lenovo.com/us/en/product_security/LEN-141775 • CWE-125: Out-of-bounds Read •