PT-2017-13979 · Cpuid · Cpu-Z

Published: 2017-10-16 · Updated: 2020-08-24 · CVE-2017-15302

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

CPUID CPU-Z versions 1.43 through 1.81

Description

The issue concerns improper access rights to a kernel-mode driver, which can lead to information disclosure or elevation of privileges. Any application running on the system, including sandboxed users, can issue an ioctl to this driver without validation, allowing an arbitrary read of any physical address via ioctl 0x9C402604. This results in an information leak and elevation of privileges (EoP), because the driver can map any physical page on the system and return the address of the mapped page to the user.

Recommendations

For CPUID CPU-Z versions 1.43 through 1.81, consider restricting access to the kernel-mode driver to minimize the risk of exploitation. The arbitrary read itself is intentional behavior for ACPI scan functionality; the security issue is the lack of an ACL. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2017-15302

Affected Products

Cpu-Z