Overview
A system driver in the Dokan Open Source File System contains a stack-based buffer overflow, which could allow an attacker to gain elevated privileges on the host machine.
Description
CWE-121: Stack-based Buffer Overflow – CVE-2018-5410
Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.
Impact
An attacker could corrupt the kernel memory and elevate their system privileges to gain control of the system.
Solution
Update to the newest version
Dokan developers have released a new version, 1.2.1 that fixes this vulnerability by validating the user input.
CVSS Metrics
| Group | Score | Vector |
| Base | 5.6 | AV:L/AC:L/Au:N/C:C/I:P/A:N |
| Temporal | 4.6 | E:F/RL:OF/RC:C |
| Environmental | 4.7 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
References
- https://cwe.mitre.org/data/definitions/121.html
- https://github.com/dokan-dev/dokany
- https://github.com/dokan-dev/dokany/commit/4954cc0a3299b20274ac64bf52d6c285a1f40b0f
- https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000
Other Information
| CVE IDs: | CVE-2018-5410 |
| Date Public: | 2018-12-21 |
| Date First Published: | 2018-12-20 |
| Date Last Updated: | 2018-12-26 20:56 UTC |
| Document Revision: | 20 |