Soumettre #156113: flexihub, fusbhub.sys, DoSinformation

Titreflexihub, fusbhub.sys, DoS
DescriptionVersion: flexihub 5.5.14691.0, fusbhub.sys 9.2.2343.0 https://www.flexihub.com/ Impact: Denial of Service Description: From IoControlCode 0x220088, a normal user can cause null pointer dereference due to the lack of validating SystemBuffer. Reproduce: In the attached file DoS.zip, there are DoS.exe, DoS.cpp, flexihub.exe, and fusbhub.sys. DoS.exe is the PoC to cause BSOD where flexihub.exe contains the vulnerable driver fusbhub.sys installed, and DoS.cpp is the source code of DoS.exe. To reproduce the issue, install flexihub.exe and execute DoS.exe. It is expected that the system will crash (BSOD) once DoS.exe is executed. Password for attachment: DoS https://drive.google.com/file/d/1h-7fnmb31bkEW4FoLNDlneftDqS4TQHT/view?usp=sharing
La source⚠️ https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned45
Utilisateur
 Zeze7w (UID 40823)
Soumission13/05/2023 13:14 (il y a 3 ans)
Modérer24/05/2023 19:15 (11 days later)
StatutAccepté
Entrée VulDB229851 [FlexiHub 5.5.14691.0 IoControlCode fusbhub.sys 0x220088 déni de service]
Points20

Do you know our Splunk app?

Download it now for free!