CVE-2019-18619: Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to…

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.

Affected

123 ranges· showing 25

Vendor	Product	Version range	Fixed in
hp	envy_13-ah0xxx_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_13-ah1xxx_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_13-aq0xxx_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_13-aq1xxx_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_13t-ah100_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_13t-aq100_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_15-cn0xxx_x360_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_15-cn1xxx_x360_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_15-dr0xxx_x360_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_15-dr0xxx_x360_firmware	< 5.5.26.1102	5.5.26.1102
hp	envy_15-dr1xxx_x360_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_15-dr1xxx_x360_firmware	< 5.5.26.1102	5.5.26.1102
hp	envy_15m-cn0xxx_x360_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_15m-dr0xxx_x360_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_15m-dr0xxx_x360_firmware	< 5.5.26.1102	5.5.26.1102
hp	envy_15m-dr1xxx_x360_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_15m-dr1xxx_x360_firmware	< 5.5.26.1102	5.5.26.1102
hp	envy_17-bw0xxx_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_17-ce0xxx_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_17-ce1xxx_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_17m-bw0xxx_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_17m-ce0xxx_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_17m-ce1xxx_firmware	< 6.0.39.1111	6.0.39.1111
hp	envy_17t-bw000_firmware	< 5.5.11.1093	5.5.11.1093
hp	envy_17t-ce000_firmware	< 6.0.39.1111	6.0.39.1111