LVFS: ThinkPad X1 Yoga Gen 7/ThinkPad X1 Carbon Gen 10

Lenovo (ThinkPad) ThinkPad X1 Yoga Gen 7/ThinkPad X1 Carbon Gen 10

Lenovo ThinkPad X1 Yoga Gen 7/X1 Carbon Gen 10 Consumer ME Firmware N3ARG06W, 16.1.27.2176

Atom Feed

Version 1.27.2176
2023-08-04 02:59:03

Intel Platform Update 2023.3 Product Version Maintenance Release

Consumer Version 16.1.27.2176 (LVFS: 1.27.2176)

Problem Fixes

Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.

Urgency	high
Reported Success	98% (high confidence)
Fixed issues:	CVE-2022-38102 CVE-2022-29871 CVE-2022-36392 INTEL-TA-00783
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 1.25.1932
2022-10-27 00:49:25

Intel Platform Update 2022.3 Product Version Maintenance Release

Version 16.1.25.1932 (LVFS: 1.25.1932)

Problem Fixes

Mitigated the following security vulnerabilities under issues.Please see fixed issues for details.

Urgency	high
Reported Success	99% (high confidence)
Fixed issues:	CVE-2022-29515 Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access. CVE-2021-33159 Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-29893 Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an authenticated user to potentially enable escalation of privilege via network access. CVE-2022-27497 Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access. CVE-2022-21181 Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. INTEL-TA-00610
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details Compare with previous

Version 0.15.1778
2022-10-13 01:05:26

ADL Production Release 4 BKC

Version 16.0.15.1778 (LVFS: 0.15.1778)

LVFS Initial Release for ThinkPad X1 Carbon Gen 10 and ThinkPad X1 Yoga Gen 7.

Urgency	high
Reported Success	100% (low confidence)
Licenses	Proprietary, distributed by agreement
Security	No issues found using FwHunt from Binarly More info Update is cryptographically signed More info Added to the LVFS by Lenovo More info Firmware can be verified after flashing More info Virus checked using ClamAV More info Firmware has no detected SBoM More info
Release Gating	Not available to ChromeOS users More info

Download Archive More details Firmware Details

Lenovo (ThinkPad) ThinkPad X1 Yoga Gen 7/ThinkPad X1 Carbon Gen 10

Version 1.27.2176 2023-08-04 02:59:03

Version 1.25.1932 2022-10-27 00:49:25

Version 0.15.1778 2022-10-13 01:05:26

Version 1.27.2176
2023-08-04 02:59:03

Version 1.25.1932
2022-10-27 00:49:25

Version 0.15.1778
2022-10-13 01:05:26