CVE-2024-45383
5MEDIUM
Summary
A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can execute malicious script/application to trigger this vulnerability.
Affected Version(s)
HDAudBus.sys = 10.0.19041.3636 (WinBuild.160101.0800)
CVSS V3.1
Score:
5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published.
Collectors
NVD DatabaseMitre Database
Credit
Discovered by Marcin 'Icewall' Noga of Cisco Talos.