MSI Afterburner v4.6.5.16370 - DoS
Discovered by

Offensive Team, Fluid Attacks
Summary
Full name
MSI Afterburner v4.6.5.16370 - Denial of Service
Code name
State
Public
Release date
Mar 6, 2024
Affected product
MSI Afterburner
Vendor
Micro-Star INT'L CO.
Affected version(s)
Version 4.6.5.16370
Vulnerability name
Denial of Service (DoS)
Vulnerability type
Remotely exploitable
No
CVSS v3.0 vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVSS v3.0 base score
4.4
Exploit available
Yes
CVE ID(s)
Description
MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000
IOCTL code of the RTCore64.sys
driver.
Vulnerability
The 0x80002000
IOCTL code of the RTCore64.sys
driver allows to perform a Denial of Service, leading to a BSOD of the affected computer caused by a NULL pointer dereference. The handle to the driver can only be obtained from a high integrity process.
The prologue of the vulnerable function sub_11150
is:
At [1]
value of second parameter on RDX
register is assigned to RDI
. The second parameter is a pointer to the SystemBuffer
obtained from the IRP object (pIrp->AssociatedIrp.SystemBuffer
) and it's controlled by the attacker in the lpInBuffer
value on the IOCTL
request call. At [2]
the value is dereferenced without checking if it's a valid memory address, which result in a NULL pointer dereference when the attacker sends a NULL lpInputBuffer
value:
Our security policy
We have reserved the ID CVE-2024-1443 to refer to this issue from now on. Disclosure policy
System Information
Version: MSI Afterburner v4.6.5.16370
Operating System: Windows
Mitigation
The vendor published a the version 4.6.6 Beta 4 Build 16449 fixing this vulnerability:
References
Timeline
Feb 8, 2024
Vulnerability discovered
Feb 23, 2024
Vendor contacted
May 17, 2024
Vulnerability patched
Mar 6, 2024
Public disclosure
Does your application use this vulnerable software?
During our free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.