| 1 | = CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in TapSharedSendPacket |
| 2 | |
| 3 | Could cause integer overflow, which will result in allocation of smaller size of memory, which later causes buffer overflow and a bug check. |
| 4 | |
| 5 | Fix by checking overflow condition and fail the IRP in case of overflow. |
| 6 | |
| 7 | === References |
| 8 | * Release notes: https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html |
| 9 | * CVE record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1305 |
| 10 | * Reported by: Vladimir Tokarev <vtokarev@microsoft.com> |