An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section. This driver has been used with Dell, ThinkPad, and VAIO devices.
References
Link | Resource |
---|---|
http://support.lenovo.com/us/en/solutions/LEN-25654 | |
https://github.com/SouhailHammou/Exploits/blob/master/CVE-2018-10828/apmsgfwd_exploit_dos.c | Third Party Advisory |
https://www.exploit-db.com/exploits/44610/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-09T18:00:00
Updated: 2019-06-25T17:06:06
Reserved: 2018-05-08T00:00:00
Link: CVE-2018-10828
JSON object: View
NVD Information
Status : Modified
Published: 2018-05-09T18:29:00.327
Modified: 2019-06-25T18:15:09.003
Link: CVE-2018-10828
JSON object: View
Redhat Information
No data.
CWE