Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name.
Software | From | Fixed in |
---|---|---|
lenovo / resuce_and_recovery | 4.20 | 4.20.x |
lenovo / resuce_and_recovery | 4.20.0511 | 4.20.0511.x |
lenovo / resuce_and_recovery | 4.20.0512 | 4.20.0512.x |