Local Information Disclosure in Ludashi Driver Affecting Users' Privileges
CVE-2025-67246

7.3HIGH

Key Information:

Vendor: Ludashi
Status: Ludashi Driver
Vendor: CVE Published:; 15 January 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-67246?

A local information disclosure vulnerability exists in the Ludashi driver prior to version 5.1025 due to insufficient access controls in the IOCTL handler. This weakness allows normal users to gain unauthorized access to a device interface that exposes lower 4GB of physical memory, enabling the mapping of arbitrary physical memory with MmMapIoSpace and the transfer of sensitive data back to user mode without adequate privilege verification. As a result, this can potentially reveal kernel data structures, security tokens, and kernel pointers. Furthermore, this vulnerability may facilitate additional exploitation techniques, such as bypassing Kernel Address Space Layout Randomization (KASLR), leading to local privilege escalation.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-Publication
Created by CDipper

References

http://ludashi.com

https://github.com/CDipper/CVE-Publication

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

🟡
Public PoC available
Jan 15, 2026
👾
Exploit known to exist
Jan 15, 2026
Vulnerability published
Jan 15, 2026
Vulnerability Reserved
Dec 8, 2025

JSON