An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability.
Advisories
Source ID Title
EUVD EUVD EUVD-2018-15776 An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2024-08-05T04:57:24.697Z

Reserved: 2018-01-02T00:00:00

Link: CVE-2018-3990

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-02-05T23:29:00.340

Modified: 2024-11-21T04:06:26.910

Link: CVE-2018-3990

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.