A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privileged attacker to crash the OS.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://zwclose.github.io/2024/10/14/rtsper1.html |
History
Thu, 24 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Realtek
Realtek sd Card Reader Driver |
|
CPEs | cpe:2.3:a:realtek:sd_card_reader_driver:*:*:*:*:*:*:*:* | |
Vendors & Products |
Realtek
Realtek sd Card Reader Driver |
|
Metrics |
cvssV3_1
|
Wed, 23 Oct 2024 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privileged attacker to crash the OS. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-23T00:00:00
Updated: 2024-10-24T16:02:25.189Z
Reserved: 2024-07-05T00:00:00
Link: CVE-2024-40432
Vulnrichment
Updated: 2024-10-24T16:02:19.418Z
NVD
Status : Awaiting Analysis
Published: 2024-10-23T22:15:02.520
Modified: 2024-10-25T12:56:07.750
Link: CVE-2024-40432
Redhat
No data.