Qualcomm, Lenovo Released Multiple Bug Fixes

by Abeerah Hashim January 10, 2023

written by Abeerah Hashim January 10, 2023

Tech giants Lenovo and Qualcomm have separately released multiple firmware bug fixes around the same time. All users running Qualcomm chipsets on their devices and Lenovo ThinkPad X13 users should ensure updating their systems with the latest firmware releases.

Qualcomm, Lenovo Bug Fixes

Recently, Qualcomm – the American technology firm powering a range of computers and mobile phone devices with their chipsets, and Lenovo – the Chinese tech giant, have rolled out major firmware updates for the users.

Specifically, Qualcomm’s security bulletin suggests patching 20 different vulnerabilities affecting various chipsets. Given the diversified range of products using these chipsets, the affected devices belong to different technology areas, from automotive to Android connectivity, WLAN, powerline communication, and Kernel.

While the bulletin doesn’t include detailed vulnerability descriptions, it lists brief details about the nature of vulnerabilities. Three of these hold critical security ratings, which include,

CVE-2022-33218 (CVSS rating: High; CVSS score 8.2; Technology: Automotive): Memory corruption vulnerability due to improper input validation
CVE-2022-33219 (CVSS rating: Critical; CVSS score 9.3; Technology: Automotive): Memory corruption due to integer overflow to buffer overflow while registering a new listener with shared buffer.
CVE-2022-33265 (CVSS rating: High; CVSS score 7.3; Technology: Powerline Communication Firmware): Memory corruption due to information exposure while sending different MMEs from a single, unassociated device.

Besides, the updates address 17 other high security rating vulnerabilities that Qualcomm has confirmed informing the relevant vendors.

Five of these also affect Lenovo ThinkPad X13 laptops. These include,

CVE-2022-40516, CVE-2022-40517 (CVSS rating: High; CVSS score 8.4; Technology: Boot): Memory corruption in Core due to stack-based buffer overflow
CVE-2022-40520 (CVSS rating: High; CVSS score 8.4; Technology: Connectivity): Memory corruption due to a stack-based buffer overflow in Core
CVE-2022-40518, CVE-2022-40519 (CVSS rating: Medium; CVSS score 6.8; Technology: Boot): Information disclosure due to buffer overread in Core

Alongside these patches, Lenovo has also addressed some other vulnerabilities, according to its advisory for ThinkPad X13s BIOS. The tech giant urges users to upgrade their laptops’ BIOS to version 1.47 (N3HET75W) or newer.

Let us know your thoughts in the comments.

BIOS BIOS update buffer overflow bug Bugs flaw flaws information disclosure Lenovo Lenovo BIOS update Lenovo UEFI firmware vulnerability Lenovo vulnerabilities memory corruption pre-installed Lenovo software Qualcomm Qualcomm chip Qualcomm chip flaw Qualcomm chip vulnerability Qualcomm flaw Qualcomm Snapdragon Qualcomm vulnerability stack overflow vulnerabilities vulnerability

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Qualcomm, Lenovo Released Multiple Bug Fixes

Qualcomm, Lenovo Bug Fixes

Fortinet Patched Multiple Vulnerabilities In FortiADC And FortiTester

Microsoft Patch Tuesday January 2023 Arrives With 98 Bug Fixes

You may also like