Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ASUS Aura Sync 缓冲区错误漏洞
Vulnerability Description
ASUS Aura Sync是中国台湾华硕(ASUS)公司的一款硬件灯光同步插件。 ASUS Aura Sync 1.07.71及之前版本中的Ene.sys文件存在安全漏洞,该漏洞源于程序没有正确验证发送到IOCTL 0x80102044,0x80102050和0x80102054的输入。本地攻击者可借助带有特制内核地址的IOCTL请求利用该漏洞造成拒绝服务(系统崩)或获取权限。
CVSS Information
N/A
Vulnerability Type
N/A