MidnightBSD

Advisories for hwinfo

CVE-2018-8060 MEDIUM

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. This affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
hwinfo amd64_kernel_driver *
CVE-2018-8061 LOW

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.

CVSS 2.0

Severity: LOW

Problem Type: CWE-119,

Products Affected

Vendor Product Version
hwinfo amd64_kernel_driver *