A potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code.

Related CVEs

CVE-2022-1107

Key Information

GHSA ID

GHSA-qmwg-7c3h-jmrr

Published

April 23, 2022 12:02 AM

Last Modified

May 6, 2022 12:01 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 12, 2025 6:34 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.