| Titolo | flexihub, fusbhub.sys, DoS |
|---|
| Descrizione | Version: flexihub 5.5.14691.0, fusbhub.sys 9.2.2343.0
https://www.flexihub.com/
Impact: Denial of Service
Description: From IoControlCode 0x220088, a normal user can cause null pointer dereference due to the lack of validating SystemBuffer.
Reproduce: In the attached file DoS.zip, there are DoS.exe, DoS.cpp, flexihub.exe, and fusbhub.sys. DoS.exe is the PoC to cause BSOD where flexihub.exe contains the vulnerable driver fusbhub.sys installed, and DoS.cpp is the source code of DoS.exe. To reproduce the issue, install flexihub.exe and execute DoS.exe. It is expected that the system will crash (BSOD) once DoS.exe is executed. Password for attachment: DoS
https://drive.google.com/file/d/1h-7fnmb31bkEW4FoLNDlneftDqS4TQHT/view?usp=sharing |
|---|
| Fonte | ⚠️ https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned45 |
|---|
| Utente | Zeze7w (UID 40823) |
|---|
| Sottomissione | 13/05/2023 13:14 (3 anni fa) |
|---|
| Moderazione | 24/05/2023 19:15 (11 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 229851 [FlexiHub 5.5.14691.0 IoControlCode fusbhub.sys 0x220088 negazione del servizio] |
|---|
| Punti | 20 |
|---|