CVE-2018-8060

2018-05-1003:00:00

mitre

www.cve.org

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.0%

JSON

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers’ data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. This affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name.

References

github.com/otavioarj/SIOCtl