Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
VB-Audio Voicemeeter & Matrix Drivers DoS via Improper FILE_OBJECT FsContext Initialization
Vulnerability Description
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys). When a handle is opened with a special file attribute value, the drivers improperly initialize FILE_OBJECT->FsContext to a non-pointer magic value. If subsequent operations are not handled by the VB-Audio driver and are forwarded down the audio driver stack (e.g., via PortCls to ks.sys), the invalid FsContext value can be dereferenced, causing a kernel crash (BSoD), typically SYSTEM_SERVICE_EXCEPTION with STATUS_ACCESS_VIOLATION. This flaw allows a local unprivileged user to trigger a denial-of-service on affected Windows systems.
CVSS Information
N/A
Vulnerability Type
使用未经初始化的指针
Vulnerability Title
VB-Audio Voicemeeter和VB-Audio Matrix 缓冲区错误漏洞
Vulnerability Description
VB-Audio Voicemeeter和VB-Audio Matrix都是法国VB-Audio公司的产品。VB-Audio Voicemeeter是一个虚拟音频调音台软件。VB-Audio Matrix是一个实时音频路由软件。 VB-Audio Voicemeeter和VB-Audio Matrix存在缓冲区错误漏洞,该漏洞源于虚拟音频驱动程序未正确初始化FILE_OBJECT->FsContext,可能导致内核崩溃和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A