| Title | Jianming Antivirus, kvcore.sys, DoS1 |
|---|
| Description | Version: Jianming Antivirus 16.2.2022.418, kvcore.sys x.x.x.x
https://www.jiangmin.com/plus/list.php?tid=65
Impact: Denial of Service
Description: From IoControlCode 0x222000, a normal user can cause DoS due to the lack of validating SystemBuffer before the global variable initialized.
Reproduce: In the attached file DoS1.zip, there are DoS1.exe, DoS1.cpp, JMV21Web20220419.exe, and kvcore.sys. DoS1.exe is the PoC to cause BSOD where JMV21Web20220419.exe contains the vulnerable driver kvcore.sys installed, and DoS1.cpp is the source code of DoS1.exe. To reproduce the issue, load kvcore.sys and execute DoS1.exe. It is expected that the system will crash (BSOD) once DoS1.exe is executed. Password for attachment: DoS1
https://drive.google.com/file/d/1fQFw8ayQUFzJM2_4V-ld8CN8gvisVoiu/view?usp=sharing |
|---|
| Source | ⚠️ https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned29 |
|---|
| User | Zeze7w (UID 40823) |
|---|
| Submission | 03/24/2023 09:51 (3 years ago) |
|---|
| Moderation | 03/25/2023 11:06 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 224012 [JiangMin Antivirus 16.2.2022.418 IOCTL kvcore.sys 0x222000 denial of service] |
|---|
| Points | 20 |
|---|