exploitDog

GHSA-ff7m-858p-5r2m

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a special application locally to trigger this vulnerability.

An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a special application locally to trigger this vulnerability.

Ссылки

EPSS

Процентиль: 7%

0.00027

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-362

Связанные уязвимости

CVE-2016-9038

CVSS3: 7.8

nvd

почти 8 лет назад

An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a special application locally to trigger this vulnerability.

EPSS

Процентиль: 7%

0.00027

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-362