Best Top Reviews Online

Qualcomm Chipsets and Lenovo BIOS Receive Security Updates to Address Numerous Vulnerabilities

Qualcomm released patches on Tuesday to address multiple security vulnerabilities in its chipsets, some of which could lead to information disclosure and memory corruption if exploited.

The five vulnerabilities ranging from CVE-2022-40516 to CVE-2022-40520 also affect Lenovo ThinkPad X13s laptops, prompting the Chinese PC manufacturer to release BIOS updates to patch the security holes.

The following list of flaws is provided:

  • CVE-2022-40516, CVE-2022-40517 & CVE-2022-40520 (CVSS scores: 8.4) – Memory corruption in Core due to stack-based buffer overflow
  • CVE-2022-40518 & CVE-2022-40519 (CVSS scores: 6.8) – Information disclosure due to buffer over-read in Core

Stack-based buffer overflow vulnerabilities can have severe consequences, including data corruption, system crashes, and the execution of arbitrary code. On the other hand, buffer over-reads can be weaponized to read out-of-bounds memory, resulting in the disclosure of sensitive data.

A local adversary with elevated privileges may be able to cause memory corruption or disclose sensitive information if he or she successfully exploits the flaws listed above, according to a Tuesday advisory issued by Lenovo.

Lenovo has also remedied four additional buffer over-read vulnerabilities in the ThinkPad X13 BIOS that could result in information disclosure. These vulnerabilities have been assigned the identifiers CVE-2022-4432, CVE-2022-4433, CVE-2022-4434, and CVE-2022-4435.

Users of the ThinkPad X13 are advised to update the BIOS to version 1.47 (N3HET75W) or later. Binarly, a firm specializing in firmware security, is credited with discovering and reporting the nine vulnerabilities.

The Qualcomm security advisory for January 2023 addresses 17 additional vulnerabilities, including one critical memory corruption flaw in the Automotive component (CVE-2022-33219, CVSS score: 9.3) caused by a buffer overflow flaw.

Why Trust Us?

Best Top Reviews Online was established in 2018 to provide our readers with detailed, truthful, and impartial advice on what to buy. We now have millions of monthly users from all over the world and annually evaluate over a thousand products.

The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.

Related Stories

  • All Post
  • Best Picks
  • Explainers
  • How To
  • News
  • Versus

Get more info

Deals

Reviews

Best Products

Buying Guides

Contact Us

About Us

We provide a platform for our customers to rate and review services and products, as well as the stores that sell them. We research and compare the most popular brands and models before narrowing it down to the top ten, providing you with the most comprehensive and reliable buying advice to help you make your decision.

Disclaimer

BestTopReviewsOnline.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com. As an Amazon Associate I earn from qualifying purchases.

 

Address & Map

20 S Santa Cruz Ave, Suite 300, Los Gatos, CA 95030, United States

© 2022 BestTopReviewsOnline.com Pty. Ltd. All Rights Reserved. Licensing: All third-party trademarks, images, and copyrights used on this page are for comparative advertising, criticism, or review. As this is a public forum where users can express their opinions on specific products and businesses, the opinions expressed do not reflect those of BestTopReviewsOnline.com.