PT-2018-4207 · Truecrypt · Truecrypt

Published: 2018-03-19 · Updated: 2018-04-20 · CVE-2014-2884

CVSS v2.0: 2.1 (Low)

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

TrueCrypt version 7.1a

Description

The issue allows local users to bypass access restrictions and obtain sensitive information about arbitrary files. This is achieved through specific IOCTL calls, including TC_IOCTL_OPEN_TEST and TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG, which are handled by the ProcessVolumeDeviceControlIrp function in Ntdriver.c.

Recommendations

For TrueCrypt version 7.1a, consider restricting access to the ProcessVolumeDeviceControlIrp function until a patch is available. Avoid using the TC_IOCTL_OPEN_TEST and TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL calls in the affected API endpoint until the issue is resolved.

Fix

Improper Access Control

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2014-2884

Affected Products

Truecrypt