Heap-based buffer overflow in Kernel Streaming
- #HeapOverflow
- #KernelVulnerability
- #CVE-2025-53149
- A heap-based buffer overflow (CVE-2025-53149) was found in the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys).
- The vulnerability lies in the CKSAutomationThunk::HandleArrayProperty() function and leads to a non-paged heap (kernel pool) overflow.
- KSThunk acts as a thunk layer that lets 32-bit user-mode applications interact with 64-bit kernel-mode drivers.
- Triggering it requires a device that supports the KSPROPSETID_VPConfig or KSPROPSETID_VPVBIConfig property set.
- The patch adds a check on OutputBufferLength to prevent the overflow.
- Timeline includes discovery, reporting, confirmation, and patch release dates.
- Lesson: Report bugs to Crowdfense instead of the vendor for a bounty.
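The missing-check pattern behind the fix, as an added user-mode model that is not ksthunk.sys code: a thunk widens 32-bit array elements into a caller-supplied output buffer, and the unchecked variant sizes its writes from the element count alone while the checked variant validates OutputBufferLength first. The element layouts, function names and canary harness are all constructed for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model: a 32-bit caller supplies `count` 8-byte elements and the
 * thunk must widen them into 16-byte 64-bit-layout elements in the caller's
 * output buffer. Layouts are hypothetical, not the real KS structures. */
typedef struct { uint32_t value; uint32_t ptr32; } Elem32;
typedef struct { uint32_t value; uint32_t pad; uint64_t ptr64; } Elem64;

enum { ST_OK = 0, ST_BUFFER_TOO_SMALL = 1 };

/* Pre-patch pattern: the write size is derived from `count` only, never from
 * the size of the buffer the caller actually provided. */
int handle_array_property_unchecked(const Elem32 *in, uint32_t count, Elem64 *out)
{
    for (uint32_t i = 0; i < count; i++) {
        out[i].value = in[i].value;
        out[i].pad   = 0;
        out[i].ptr64 = in[i].ptr32;   /* zero-extend the 32-bit pointer */
    }
    return ST_OK;
}

/* Post-patch pattern: reject the request unless OutputBufferLength can hold
 * all widened elements; the division guard keeps the size math from wrapping. */
int handle_array_property_checked(const Elem32 *in, uint32_t count,
                                  Elem64 *out, size_t OutputBufferLength)
{
    if (count > SIZE_MAX / sizeof(Elem64) ||
        (size_t)count * sizeof(Elem64) > OutputBufferLength)
        return ST_BUFFER_TOO_SMALL;
    return handle_array_property_unchecked(in, count, out);
}

/* Harness: a 272-byte region where only the first OutputBufferLength bytes are
 * the caller's buffer; the rest is a 0xAA canary standing in for the adjacent
 * pool allocation. Returns 1 if the handler wrote past the caller's buffer.
 * Caller must keep count <= 16 and OutputBufferLength <= 256. */
int request_corrupts_heap(int checked, uint32_t count, size_t OutputBufferLength)
{
    Elem32 in[16] = {0};
    uint64_t raw[34];                               /* 8-byte aligned backing store */
    unsigned char *buf = (unsigned char *)raw;
    memset(buf, 0xAA, sizeof raw);
    memset(buf, 0x00, OutputBufferLength);
    if (checked) handle_array_property_checked(in, count, (Elem64 *)buf, OutputBufferLength);
    else         handle_array_property_unchecked(in, count, (Elem64 *)buf);
    for (size_t i = OutputBufferLength; i < sizeof raw; i++)
        if (buf[i] != 0xAA) return 1;               /* canary damaged: overflow */
    return 0;
}
```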