OpenVPN / tap-windows6

Windows TAP driver (NDIS 6)

check InformationBufferLength before dereferencing the InformationBuffer #72

Closed n3k closed 5 years ago

n3k commented 5 years ago

This fixes an out-of-bounds write in the kernel pool that could be triggered as a low-privileged user. See https://github.com/IOActive/FuzzNDIS/blob/master/Attacking_Windows_NDIS_Drivers.pdf
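The check named in the pull request title, as an added example that is not part of the original thread and is not tap-windows6 code: a user-space C model of an OID handler that validates `InformationBufferLength` before writing through `InformationBuffer`. The struct, the status enum and the function names are hypothetical stand-ins, and the handler shown (storing one 32-bit value) is an assumed case, since the page does not show the patched code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical user-space stand-ins; field names follow the PR title. */
enum oid_status { OID_SUCCESS = 0, OID_INVALID_LENGTH, OID_INVALID_DATA };

struct oid_request {
    void    *InformationBuffer;        /* caller-supplied buffer */
    uint32_t InformationBufferLength;  /* caller-supplied size in bytes */
    uint32_t BytesWritten;
    uint32_t BytesNeeded;
};

/* Store a 32-bit value into the caller's buffer, but only after the
 * length and pointer have been validated. */
enum oid_status oid_write_u32(struct oid_request *req, uint32_t value)
{
    req->BytesWritten = 0;
    req->BytesNeeded = 0;
    if (req->InformationBufferLength < sizeof(value)) {
        req->BytesNeeded = sizeof(value);   /* tell the caller what to allocate */
        return OID_INVALID_LENGTH;          /* the buffer is never touched */
    }
    if (req->InformationBuffer == NULL)
        return OID_INVALID_DATA;
    memcpy(req->InformationBuffer, &value, sizeof(value));
    req->BytesWritten = sizeof(value);
    return OID_SUCCESS;
}

/* Constructed case: a 2-byte buffer followed by guard bytes that an
 * unchecked 4-byte store would overwrite. Returns 1 if nothing was written. */
int short_buffer_is_rejected(void)
{
    struct { uint8_t buf[2]; uint8_t guard[6]; } mem;
    memset(&mem, 0xAA, sizeof(mem));
    struct oid_request req = { mem.buf, sizeof(mem.buf), 0, 0 };
    enum oid_status st = oid_write_u32(&req, 0x11223344u);
    for (size_t i = 0; i < sizeof(mem); i++)
        if (((uint8_t *)&mem)[i] != 0xAA) return 0;
    return st == OID_INVALID_LENGTH && req.BytesNeeded == 4 && req.BytesWritten == 0;
}

int main(void)
{
    printf("short buffer rejected: %d\n", short_buffer_is_rejected());
    return 0;
}
```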

cron2 commented 5 years ago

We are aware of this (IOActive told us) and have a working fix, but would have preferred this to not become public until we can provide a signed driver with the fix (which we're working on, but this is taking way more time than expected).

security@openvpn.net is the right contact for this sort of bug, not "make it public on github".

cron2 commented 5 years ago

Hi,

since you brought it up, it has somewhat forced our hands to get moving :-) - I have now pushed my own fix (that sat in my tree since May 2018) and we'll release a new signed driver for everything but Server 2016 and Server 2019 early next week.

thanks,

gert

n3k commented 5 years ago

That sounds good :)