tags:windowsinfo_leakOOB_writeOOB_readkernel
original link: Vulnerabilities of Realtek SD card reader driver, part 1 newsletter link: exploits.club Weekly Newsletter 43 - Variant Analysis at Scale, SD Card Driver Bugs, TTE Trends, And More


Exploits Club Summary:

@zwclose decided to take a look at the Realtek SD card reader driver running on their Windows machine and
well lets just say it was particularly fruitful. The blog covers the 6 vulnerabilities identified and reported, ranging info leaks to arbitrary kernel read/write. It walks through each vulnerability, covering the basic necessary information required to understand the data flow and pinpoint the bug. The conclusion mentions a 7th vulnerability allowing access to physical memory with the card reader’s DMA capability, which will be covered in a future entry.