CERT/CC Vulnerability Note VU#741315

Overview

A system driver in the Dokan Open Source File System contains a stack-based buffer overflow, which could allow an attacker to gain elevated privileges on the host machine.

Description

CWE-121: Stack-based Buffer Overflow - CVE-2018-5410

Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.

Impact

An attacker could corrupt the kernel memory and elevate their system privileges to gain control of the system.

Solution

Update to the newest version
Dokan developers have released a new version, 1.2.1, that fixes this vulnerability by validating the user input.

Please see the update here.

Vendor Information

741315

Filter by status:

Filter by content: Additional information available

Sort by:

Expand all

Atmo O Affected

FtpUse Affected

Google Affected

Keybase Affected

MLV Filesystem Affected

MSSQLFS Affected

MooseFS Affected

Ninefs Affected

OpenDedup Affected

RedFS Affected

SrcDemo2 Affected

WinUnionFS Affected

encfs4win Affected

fuse-nfs Affected

Cuemounter Not Affected

Peonefs Not Affected

Shaman.Dokan.Warc Not Affected

Win-SSHFS Not Affected

View all 18 vendors View less vendors

CVSS Metrics

Group	Score	Vector
Base	5.2	AV:L/AC:L/Au:S/C:C/I:P/A:N
Temporal	4.3	E:F/RL:OF/RC:C
Environmental	4.3	CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Parvez Anwar for reporting this vulnerability.

This document was written by Madison Oliver.

Other Information

CVE IDs:	CVE-2018-5410
Date Public:	2018-12-21
Date First Published:	2018-12-20
Date Last Updated:	2019-01-15 16:31 UTC
Document Revision:	27

Software Engineering Institute

CERT Coordination Center

Dokan file system driver contains a stack-based buffer overflow

Vulnerability Note VU#741315