CLFS Vulnerability Let Hackers Trigger BSOD Error On All Versions Of Windows 10 & 11

by Esmeralda McKenzie

A newly discovered vulnerability in the Common Log File System (CLFS.sys) driver of Windows has been identified, potentially affecting hundreds and hundreds of devices running Windows 10, Windows 11, and various Windows Server versions.

Tracked as CVE-2024-6768, this vulnerability allows a malicious authenticated low-privilege user to trigger a Blue Screen of Death (BSOD) through a forced call to the KeBugCheckEx function, resulting in system instability and denial-of-service (DoS) attacks.

The flaw is attributed to improper validation of specified quantities in input data, classified under CWE-1284. This vulnerability can cause an unrecoverable system state, making it possible for an attacker to repeatedly crash affected systems, potentially causing data loss and operational disruptions.

Ricardo Narvaja, a researcher at Fortra, demonstrated the vulnerability through a proof of concept (PoC) that exploits specific values within a .BLF file, a format used by the Windows Common Log File System.

BSOD Error (Source: FORTRA)

This PoC shows that an unprivileged user can induce a system crash without requiring user interaction, highlighting the vulnerability's low attack complexity.

Despite the medium severity rating of 6.8 on the Common Vulnerability Scoring System (CVSS), the vulnerability poses a significant risk because of its potential for repeated exploitation. The attack vector is local, meaning it must be carried out on the system itself, which somewhat limits the scope of potential attacks.

This discovery follows a recent major issue involving CrowdStrike, where a buggy security update led to widespread BSODs across enterprise and business PCs.

The CrowdStrike issue was linked to a faulty IPC Template Type in their Falcon software, which caused similar system crashes. These incidents underscore the critical nature of maintaining robust security measures and monitoring systems for unusual activities to mitigate such vulnerabilities.

At present, there are no known mitigations or patches available for CVE-2024-6768. The vulnerability, affecting the CLFS.sys driver in Windows 10, Windows 11, and several Windows Server versions, allows a low-privilege user to cause a Blue Screen of Death (BSOD) through improper input validation.

Source credit : cybersecuritynews.com