CVE-2021-42205

Published: Nov 7, 2022Modified: May 2, 2025

4.7

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.0 / Impact: 3.6

Source: NVD

Description

ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that request is handled twice.

Affected (1)

Products: Lenovo: Elan Miniport Touchpad Driver

Lenovo

1 product

Elan Miniport Touchpad Driver

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Lenovo Elan Miniport Touchpad Driver	Before 24.21.51.2

Related CWEs

CWE-703

Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

References (2)

https://www.emc.com.tw/upload/F2E/Vulnerability%20Report/Vulnerability%20Report_Miniport%20touchpad%20Windows%20driver_20221107.pdf

Source: cve@mitre.org

Third Party Advisory

https://www.emc.com.tw/upload/F2E/Vulnerability%20Report/Vulnerability%20Report_Miniport%20touchpad%20Windows%20driver_20221107.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.