English Community

Software and Operating SystemSecurity & Malware
All Forum Topics
Options

12 Posts

01-12-2018

NO

25 Signins

193 Page Views

  • Posts: 12
  • Registered: ‎01-12-2018
  • Location: NO
  • Views: 193
  • Message 1 of 12

Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-02-06, 8:32 AM

Realtek Audio driver has a vulnerability where you can load malware as DLL with NT AUTHORITY\SYSTEM permissions.

 

 

According to Realtek, drivers version 8855 and older are affected.

We have several Lenovo models with Realtek audio drivers where version number seems to indicate an older Realtek audio driver version than 8855, for instance Lenovo ThinkPad T470s (20HF0001MX) with driver updated 191014 with version number 6.0.8777.1.

 

Are Lenovo supplied drivers for Realtek Audio affected by CVE-2019-19705?

Reply
Options

6574 Posts

10-29-2009

NC

17673 Signins

162584 Page Views

  • Posts: 6574
  • Registered: ‎10-29-2009
  • Location: NC
  • Views: 162584
  • Message 2 of 12

Re: Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-02-06, 17:06 PM

I forwarded this information to our Product Security Office and they are investigating now.  It's not clear to me that the current T470s driver version 6.0.8777.1 is same thing as Realtek's affected version like 1.0.0.8855 (and earlier).  Hope to have some clarification to share soon.  Thanks for bringing this up.

Reply
Options

12 Posts

01-12-2018

NO

25 Signins

193 Page Views

  • Posts: 12
  • Registered: ‎01-12-2018
  • Location: NO
  • Views: 193
  • Message 3 of 12

Re: Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-02-11, 11:01 AM

Any updates on this matter?

As someone posted on Reddit, you might not be affected. But would be great to hear it from you officially rather than speculations into the use of Intel audio drivers but Realtek branded software for EQ and similar.

Reply
Options

6574 Posts

10-29-2009

NC

17673 Signins

162584 Page Views

  • Posts: 6574
  • Registered: ‎10-29-2009
  • Location: NC
  • Views: 162584
  • Message 4 of 12

Re: Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-02-11, 23:33 PM

I don't have any update to share.  I encourage you to contact psirt@lenovo.com with your concerns about this CVE.

Reply
Options

9409 Posts

09-04-2014

SK

32654 Signins

1208500 Page Views

  • Posts: 9409
  • Registered: ‎09-04-2014
  • Location: SK
  • Views: 1208500
  • Message 5 of 12

Re: Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-02-12, 8:58 AM

PSIRT is investigating to determine if any products are affected. Should any systems be discovered as being affected an advisory will be published on the Product Security site.
https://support.lenovo.com/product_security

 

Andy

 

English Community Administrator
Lenovo eServices

Please remember to come back and mark the post that you feel answered your question as the solution. 
Did you find a post helpfull? You can thank the member by awarding them a Thumbs Up
 

Please don't ask me questions by Personal Message; questions belong in the forums.
Using Browser Search to find your answers in Lenovo and Moto Community

Reply
Options

12 Posts

01-12-2018

NO

25 Signins

193 Page Views

  • Posts: 12
  • Registered: ‎01-12-2018
  • Location: NO
  • Views: 193
  • Message 6 of 12

Re: Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-02-12, 9:01 AM

@Andy_Lenovo

 

According to our RMM tool we have following models where ravbg64.exe bg process is running. Might be helpfull for you guys?

 

One more thing: That security site does not list all recent (<1 year) fixes from Lenovo, like these mentioned here:

I can't find any info on LEN-27675 and LEN-28627, so no way for me to know what vulnerabilities you fixed. 

Reply
Options

8 Posts

08-03-2015

US

47 Signins

212 Page Views

  • Posts: 8
  • Registered: ‎08-03-2015
  • Location: US
  • Views: 212
  • Message 7 of 12

Re: Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-02-14, 16:44 PM

Thanks for your question about the Realtek driver updates.  The two Lenovo numbers you asked about are internal case numbers we use to track issues reported to us.  We determined neither to be a vulnerability and both cases were closed after making improvements in functionality.  We will ask development to correct the readme file the next time they update the driver.

 

We are still awaiting details from Realtek for CVE-2019-19705.  

Reply
Options

10 Posts

07-26-2015

Los Angeles, California, USA

8 Signins

48 Page Views

  • Posts: 10
  • Registered: ‎07-26-2015
  • Location: Los Angeles, California, USA
  • Views: 48
  • Message 8 of 12

Re:Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-04-25, 5:19 AM

Hello.

 

A security bulletin was published in early March 2020 and updated almost mid-April 2020 about the Realtek HD Audio driver security problem on affected Lenovo computers:

https://support.lenovo.com/us/en/product_security/LEN-30506

 

note that only standard or "legacy" Realtek HD (HDA) audio drivers from 6.0.8855.1 and earlier have the security vulnerability.

Realtek audio drivers that are in the newer "Universal Audio Driver" or UAD format don't have the affected component are not affected.

Reply
Options

10 Posts

07-26-2015

Los Angeles, California, USA

8 Signins

48 Page Views

  • Posts: 10
  • Registered: ‎07-26-2015
  • Location: Los Angeles, California, USA
  • Views: 48
  • Message 9 of 12

Re:Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-04-27, 12:36 PM

a follow up: it seems Lenovo is no longer alone in this matter

 

Hewlett-Packard (HP) has recently published a security bulletin on their web site a few days ago regarding the vulnerability in Realtek Audio Drivers and has also issued updated drivers for some of their machines as well:

https://support.hp.com/us-en/document/c06622884

Reply
Options

10 Posts

07-26-2015

Los Angeles, California, USA

8 Signins

48 Page Views

  • Posts: 10
  • Registered: ‎07-26-2015
  • Location: Los Angeles, California, USA
  • Views: 48
  • Message 10 of 12

Re:Lenovo on Realtek audio driver vulnerability CVE-2019-19705?

2020-05-22, 20:30 PM

@ erpster-le0 wrote:
 

 

Hello.

 

A security bulletin was published in early March 2020 and updated almost mid-April 2020 about the Realtek HD Audio driver security problem on affected Lenovo computers:

https://support.lenovo.com/us/en/product_security/LEN-30506

 

note that only standard or "legacy" Realtek HD (HDA) audio drivers from 6.0.8855.1 and earlier have the security vulnerability.

Realtek audio drivers that are in the newer "Universal Audio Driver" or UAD format don't have the affected component are not affected.

 

 

 

Lenovo security bulletin LEN-30506 updated May 21 for certain Thinkpad models like L570, P51, P71, etc.

Hopefully it will be updated again later on for most ideacentre & Thinkcentre AIO/desktop PCs.

 

 

Reply
Forum Home

Community Guidelines

Please review our Guidelines before posting.

Learn More

Check out current deals!

Go Shop
X

Save

X

Delete