Details have emerged about a high-severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005.
Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named “SSPORT.SYS” that can enable remote privilege and arbitrary code execution. Hundreds of hundreds of thousands of printers have been released worldwide to date with the vulnerable driver in question.
However, there is no evidence that the flaw was abused in real-world attacks.
“A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege,” according to an advisory released in May.
The issue was reported to HP by threat intelligence researchers from SentinelLabs on February 18, 2021, following which fixes were published for the affected printers as of May 19, 2021.
Specifically, the issue hinges on the fact that the printer driver doesn't sanitize the size of the user input, potentially allowing an unprivileged user to run code in kernel mode.
“The vulnerable function inside the driver accepts data sent from User Mode via IOCTL (Input/Output Control) without validating the size parameter,” SentinelOne researcher Asaf Amir said in a report shared with The Hacker News. “This function copies a string from the user input using ‘strncpy’ with a size parameter that is controlled by the user. Essentially, this allows attackers to overrun the buffer used by the driver.”
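The missing check described above, written out as an added example that is not code from the driver, from HP, or from the SentinelOne report. It is a user-mode sketch of an IOCTL-style handler; the request layout, buffer size, and all names (`ioctl_req`, `DRV_BUF_MAX`, `copy_user_string`) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DRV_BUF_MAX 64   /* assumed size of the driver-side buffer */

/* Hypothetical request layout: caller-supplied length, then string bytes. */
struct ioctl_req {
    uint32_t len;        /* controlled by the caller, never trusted */
    char     data[256];
};

enum { REQ_OK = 0, REQ_TRUNCATED = -1, REQ_TOO_LONG = -2 };

/*
 * Pattern the report describes (comment only, not compiled):
 *     strncpy(dst, req->data, req->len);    // req->len is never checked
 *
 * Checked version: in_size stands for the input-buffer length the I/O
 * manager reports for the request; both it and the embedded length are
 * validated before any byte is copied.
 */
int copy_user_string(char dst[DRV_BUF_MAX], const void *in, size_t in_size)
{
    const size_t hdr = offsetof(struct ioctl_req, data);
    uint32_t len;

    if (in == NULL || in_size < hdr)
        return REQ_TRUNCATED;            /* length field itself is missing */
    memcpy(&len, in, sizeof len);        /* read once so check and use agree */
    if (len > in_size - hdr)
        return REQ_TRUNCATED;            /* claims more bytes than were sent */
    if (len >= DRV_BUF_MAX)
        return REQ_TOO_LONG;             /* no room for data plus terminator */

    memcpy(dst, (const char *)in + hdr, len);
    dst[len] = '\0';                     /* destination is always terminated */
    return REQ_OK;
}

int main(void)
{
    struct ioctl_req r = { .len = 200 };  /* constructed oversize request */
    char dst[DRV_BUF_MAX];
    return copy_user_string(dst, &r, sizeof r) == REQ_TOO_LONG ? 0 : 1;
}
```

The length is copied into a local before it is checked so that the value validated is the value used, which matters when the request buffer is shared with user mode.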
Interestingly, it appears that HP copied the driver's functionality from a near-identical Windows driver sample published by Microsoft, although the sample project in itself doesn't contain the vulnerability.
This is not the first time security flaws have been discovered in old software drivers. Earlier this May, SentinelOne revealed details about multiple critical privilege escalation vulnerabilities in Dell's firmware update driver named “dbutil_2_3.sys” that went undisclosed for more than 12 years.