Synaptics TouchPad 'SynTP.sys' Local Information Disclosure Vulnerability
BID:106799
CVE-2018-15532 |Info
Synaptics TouchPad 'SynTP.sys' Local Information Disclosure Vulnerability
| Bugtraq ID: | 106799 |
| Class: | Design Error |
| CVE: |
CVE-2018-15532 |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 24 2019 12:00AM |
| Updated: | Jan 24 2019 12:00AM |
| Credit: | Enrique Nissim, Senior Security Consultant for IOActive, Inc. |
| Vulnerable: |
Synaptics Touchpad Drivers 0 Synaptics Pointing Device Driver 0 Lenovo Thinkpad 0 Lenovo IdeaPad 0 |
| Not Vulnerable: | |
Discussion
Synaptics TouchPad 'SynTP.sys' Local Information Disclosure Vulnerability
Synaptics TouchPad is prone to a local information-disclosure vulnerability.
Attackers can exploit this issue to read portions of kernel memory, resulting in a privilege escalation.
Synaptics TouchPad is prone to a local information-disclosure vulnerability.
Attackers can exploit this issue to read portions of kernel memory, resulting in a privilege escalation.
Exploit / POC
Synaptics TouchPad 'SynTP.sys' Local Information Disclosure Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Synaptics TouchPad 'SynTP.sys' Local Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Synaptics TouchPad 'SynTP.sys' Local Information Disclosure Vulnerability
References:
References: