A security vulnerability [1] [2], identified as CVE-2024-6768 [3] [4] [5] [6] [7], has been discovered in the Windows Common Log File System driver (CLFS.sys) [3] [4]. Improper validation of input data quantities allows a local denial of service that ends in a Blue Screen of Death (BSoD).

Description

This flaw allows an unprivileged user to manipulate values within a BLF file, triggering the KeBugCheckEx function and crashing the system [4] [5]. Rated with a CVSS base score of 6.8 [3], indicating medium severity [3], the vulnerability affects all versions of Windows 10, 11, and Server 2022 [2]. Classified under the Common Weakness Enumeration (CWE) as ‘Improper Validation of Specified Quantity in Input’ (CWE-1284) [3], it can be exploited with low privileges and requires no user interaction. The attack vector is local and of low complexity [3], and the trigger relies on a specific offset within the CLFS client context structure [3]. While the vulnerability does not compromise data confidentiality or integrity [1], a crash can disrupt business operations [1] and potentially lead to data loss [1]. Organizations running Windows systems are advised to keep their systems updated and to monitor for unusual activity, such as repeated unexplained crashes, to mitigate the risk of exploitation [3].
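Because the only observable effect of this bug is a crash, the practical detection signal is a burst of bugchecks on one host rather than a single reboot. The following is an added example (not from the page or any of the cited sources) that applies that logic to a constructed export of Windows System log records; it assumes the export carries host, timestamp, event ID, provider and message, and uses the real Event ID 1001 from the "BugCheck" provider that Windows writes after recovering from a bugcheck.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records shaped like a Windows System log export:
# (host, timestamp, event id, provider, message). Event ID 1001 from the
# "BugCheck" provider is logged after the machine reboots from a crash.
SAMPLE_EVENTS = [
    ("ws01", "2024-08-12 09:01:10", 1001, "BugCheck", "The computer has rebooted from a bugcheck."),
    ("ws01", "2024-08-12 09:20:42", 1001, "BugCheck", "The computer has rebooted from a bugcheck."),
    ("ws01", "2024-08-12 09:47:05", 1001, "BugCheck", "The computer has rebooted from a bugcheck."),
    ("ws02", "2024-08-12 10:15:00", 6005, "EventLog", "The Event log service was started."),
    ("ws02", "2024-08-13 02:00:00", 1001, "BugCheck", "The computer has rebooted from a bugcheck."),
    ("srv01", "2024-08-12 11:00:00", 1001, "BugCheck", "The computer has rebooted from a bugcheck."),
    ("srv01", "2024-08-14 11:00:00", 1001, "BugCheck", "The computer has rebooted from a bugcheck."),
]


def bugcheck_times(events):
    """Collect sorted bugcheck timestamps (Event ID 1001, provider BugCheck) per host."""
    per_host = defaultdict(list)
    for host, ts, event_id, provider, _msg in events:
        if event_id == 1001 and provider == "BugCheck":
            per_host[host].append(datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"))
    for times in per_host.values():
        times.sort()
    return per_host


def repeated_bugchecks(events, window=timedelta(hours=1), threshold=3):
    """Return {host: count} for hosts with at least `threshold` bugchecks inside
    any sliding `window`. One crash is noise; a burst on a single machine is the
    pattern a locally repeatable crash bug produces."""
    flagged = {}
    for host, times in bugcheck_times(events).items():
        start, best = 0, 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[host] = best
    return flagged


if __name__ == "__main__":
    for host, n in repeated_bugchecks(SAMPLE_EVENTS).items():
        print(f"{host}: {n} bugchecks within one hour; collect the crash dump for review")
```

On a real fleet the same function can be fed the output of an event-log export or a SIEM query, with the window and threshold tuned to the environment's normal reboot rate.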

Conclusion

This vulnerability poses a significant risk to Windows systems [3]: an unprivileged local user can crash the machine, disrupting business operations. Organizations should apply updates promptly and monitor for suspicious activity, including repeated unexplained crashes, to prevent exploitation and limit potential data loss.

References

[1] https://www.darkreading.com/vulnerabilities-threats/clfs-bug-crashes-even-updated-windows-10-11-systems
[2] https://www.forbes.com/sites/daveywinder/2024/08/12/new-microsoft-windows-10-11-server-blue-screen-of-death-warning/
[3] https://www.infosecurity-magazine.com/news/vulnerability-windows-driver/
[4] https://siliconangle.com/2024/08/12/new-windows-vulnerability-clfs-sys-lead-system-instability-denial-service/
[5] https://www.itpro.com/software/windows/new-windows-vulnerability-could-repeatedly-trigger-the-blue-screen-of-death-on-millions-of-devices
[6] https://www.neowin.net/news/windows-1110-system-driver-has-bsod-triggering-cve-2024-6768-flaw-on-fully-updated-pcs/
[7] https://nsaneforums.com/news/security-privacy-news/windows-1110-system-driver-has-bsod-triggering-cve-2024-6768-flaw-on-fully-updated-pcs-r24926/