wiki:CVE-2024-1305

Context Navigation

CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in TapSharedSendPacket?

Could cause integer overflow, which will result in allocation of smaller size of memory, which later causes buffer overflow and a bug check.

Fix by checking overflow condition and fail the IRP in case of overflow.

References

Release notes: https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html
CVE record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1305
Reported by: Vladimir Tokarev <vtokarev@…>

Last modified 6 weeks ago Last modified on 03/21/24 14:49:38

Download in other formats:

Plain Text