Microsoft CLFS.sys Denial of Service
2024-8-14 22:53:28 Author: packetstormsecurity.com

Posted Aug 14, 2024
Authored by ricnar456 | Site github.com

CVE-2024-6768 is a vulnerability in the Common Log File System (CLFS.sys) driver of Windows, caused by improper validation of specified quantities in input data. This flaw leads to an unrecoverable inconsistency, triggering the KeBugCheckEx function and resulting in a Blue Screen of Death (BSoD). The issue affects all versions of Windows 10 and Windows 11, Windows Server 2016, Server 2019 and Server 2022, even with all updates applied. This Proof of Concept (PoC) shows that by crafting specific values within a .BLF file, an unprivileged user can induce a system crash.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2024-6768
SHA-256 | 0ec1d82e1e6a31fe57b2e6f518e950e98281a0c7e322246a6ffaddcc34e5296a

Article source: https://packetstormsecurity.com/files/180132/CVE-2024-6768-main.zip