Описание
Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.
Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-0288
- https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys
- https://www.kb.cert.org/vuls/id/726882
- https://www.paragon-software.com/support/#patches
Связанные уязвимости
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.
Уязвимость функции memmove драйвера BioNTdrv.sys программного обеспечения для работы с разделами жестких дисков Paragon Partition Manager, позволяющая нарушителю повысить свои привилегии