HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.
References
Link | Resource |
---|---|
https://github.com/otavioarj/SIOCtl | Exploit Third Party Advisory |
https://github.com/otavioarj/SIOCtl | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:13
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/otavioarj/SIOCtl - Exploit, Third Party Advisory |
Information
Published : 2018-05-10 03:29
Updated : 2024-11-21 04:13
NVD link : CVE-2018-8061
Mitre link : CVE-2018-8061
CVE.ORG link : CVE-2018-8061
JSON object : View
Products Affected
hwinfo
- amd64_kernel_driver
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer