CVE-2018-16091
published 2018-11-27CVE-2018-16091: In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows.
high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lenovo | system_management_module_firmware | < 1.06 | 1.06 |
| lenovo | thinksystem_smm | >= unspecified < 1.06 | 1.06 |