Lenovo (ThinkPad) ThinkPad X1 Yoga Gen 6/ThinkPad X1 Carbon Gen 9

Lenovo ThinkPad X1 Yoga Gen 6/X1 Carbon Gen 9 Consumer ME Firmware N32RG31W, 15.0.49.2573

Atom Feed

Version 240.49.2573
2024-08-15 07:07:39

Intel Platform Update 2024.3 Product Version Maintenance Release

Consumer Version 15.0.49.2573 (LVFS: 240.49.2573)

Problem Fixes

  • Mitigated the following security vulnerabilities under issues. Please see fixed issues for details.

Urgency high
Reported Success 95% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive More details Firmware Details Compare with previous

Version 240.45.2411
2023-08-03 06:49:06

Intel Platform Update 2023.3 Product Version Maintenance Release

Consumer Version 15.0.45.2411 (LVFS: 240.45.2411)

Problem Fixes

  • Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.

Urgency high
Reported Success 98% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive More details Firmware Details Compare with previous

Version 240.42.2235
2022-10-27 05:12:57

Intel Platform Update 2022.3 Product Version Maintenance Release

Version 15.0.42.2235 (LVFS: 240.42.2235)

Problem Fixes

  • Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.

Urgency high
Reported Success 99% (high confidence)
Fixed issues:
Licenses
Security
Release Gating
Download Archive More details Firmware Details Compare with previous

Version 240.41.2142
2022-06-14 01:20:12

Intel Platform Update 2022.1 Product Version Maintenance Release

Version 15.0.41.2142 (LVFS: 240.41.2142)

Problem Fixes

  • Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.
  • Fixed issue when Intel ME entered recovery mode which will trigger bios recovery.

Urgency high
Reported Success 100% (high confidence)
Fixed issues:
  • CVE-2021-33159

    Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2022-21181

    Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2022-0004

    Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • INTEL-TA-00621
  • INTEL-TA-00613
  • INTEL-TA-00610
Licenses
Security
Release Gating
Download Archive More details Firmware Details Compare with previous

Version 240.35.1951
2022-03-23 05:24:51

  • 0 Intel Platform Update 2021.2 Release

Version 15.0.35.1951 (LVFS: 240.35.1951)

Problem Fixes

  • Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.
  • Fixed issue where the console system could not connect to remote machine (client system AMT Web IP is 0.0.0.0) after restart system for vPro

Note: Please suspend or disable any disk encryption tool prior to update.

Urgency high
Reported Success 96% (high confidence)
Fixed issues:
  • CVE-2021-0147

    Improper locking in the Power Management Controller (PMC) for some Intel Chipset firmware before versions pmc_fw_lbg_c1-21ww02a and pmc_fw_lbg_b0-21ww02a may allow a privileged user to potentially enable denial of service via local access.

  • CVE-2021-33068

    Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access.

  • INTEL-TA-0470
Licenses
Security
Release Gating
Download Archive More details Firmware Details Compare with previous

Version 240.23.1706
2021-12-27 04:46:05

  • 0 Intel Platform Update 2021.1 Hotfix Release

Version 15.0.23.1706 (LVFS: 240.23.1706)

Problem Fixes

  • Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.

Urgency high
Reported Success 100% (medium confidence)
Fixed issues:
  • CVE-2020-24506

    Out of bound read in a subsystem in the Intel(R) CSME versions before 12.0.81, 13.0.47, 13.30.17, 14.1.53 and 14.5.32 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2020-8703

    Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2020-24516

    Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • CVE-2020-24507

    Improper initialization in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32, 13.50.11 and 15.0.22 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2020-8704

    Race condition in a subsystem in the Intel(R) LMS versions before 2039.1.0.0 may allow a privileged user to potentially enable escalation of privilege via local access.

  • INTEL-TA-0459
Licenses
Security
Release Gating
Download Archive More details Firmware Details

LVFS © 2015 Richard Hughes with icons from Font Awesome and GeoIP data from IP2Location.

Linux Vendor Firmware Service Project a Series of LF Projects, LLC :: Charter