Lenovo patched two vulnerabilities in Broadcom Wi-Fi controllers.
The two issues, CVE-2017-11120 and CVE-2017-11121, were discovered by Google Project Zero and disclosed in September.
Both vulnerabilities affect Broadcom Wi-Fi chips found in mobile devices, and both were fixed in the Android and iOS operating systems in September last year.
When disclosing the bugs, Gal Beniamini of Google Project Zero said an attacker within Wi-Fi range could exploit CVE-2017-11120, an out-of-bounds write issue, to achieve arbitrary code execution on an impacted device.
CVE-2017-11121 can be exploited by means of malicious over-the-air Fast Transition frames designed to trigger heap and/or stack overflows in the Wi-Fi firmware. This could lead to remote code execution as well.
“Broadcom has issued an advisory for certain Broadcom WiFi controllers used by many computer and device makers, which contain buffer overflow vulnerabilities on the adapter (not the system CPU),” Lenovo said in an advisory.
The computer maker also said that, while it “initially did not plan to remediate these issues,” Broadcom released patches addressing both bugs after the WPA2 KRACK vulnerability became public.
Lenovo said only its ThinkPad products ship with the affected Broadcom WiFi controllers. The computer maker also published a list of all impacted ThinkPad devices and recommends that users update to the WiFi driver version (or newer) indicated for their models.