PT-2018-15314 · Microsoft+1 · Ssdt.Sys+1

Published: 2018-12-23 · Updated: 2018-12-31 · CVE-2018-20331

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Antiy AVL ATool version 1.0.0.22

Description: The issue is caused by a failure to properly validate the length of user-supplied data in the processing of IOCTL 0x80002004 by the ssdt.sys kernel driver. This can lead to a Kernel Pool Buffer Overflow, allowing an attacker to execute arbitrary code in the context of the kernel, potentially resulting in privilege escalation. A failed exploit could lead to denial of service. The attacker must first obtain the ability to execute low-privileged code on the target system.

Recommendations: For Antiy AVL ATool version 1.0.0.22, as a temporary workaround, consider restricting access to the ssdt.sys kernel driver to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
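As an added illustration (not code from ssdt.sys, Antiy, or the advisory's author): a plain C model of a METHOD_BUFFERED IOCTL dispatch routine that performs the input-length validation the description says is missing for IOCTL 0x80002004. The request layout, MAX_ENTRIES and the status names are assumptions, and Windows kernel types are replaced by plain structs so the model compiles anywhere.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IOCTL_SSDT_REQUEST 0x80002004u  /* IOCTL code named in the advisory */
#define MAX_ENTRIES 16u                 /* capacity of the fixed-size pool block (assumed) */

/* Hypothetical request layout: caller-declared count, then the entries. */
typedef struct {
    uint32_t count;
    uint32_t entries[MAX_ENTRIES];
} ssdt_request_t;

/* Stand-in for the IRP fields a METHOD_BUFFERED handler reads. */
typedef struct {
    uint32_t ioctl_code;
    const void *system_buffer;   /* kernel copy of the caller's input buffer */
    size_t input_length;         /* Parameters.DeviceIoControl.InputBufferLength */
} ioctl_t;

enum { STATUS_SUCCESS = 0, STATUS_INVALID_DEVICE_REQUEST = 1,
       STATUS_BUFFER_TOO_SMALL = 2, STATUS_INVALID_PARAMETER = 3 };

/* Hardened dispatch: every length is checked before anything is copied into
 * the fixed-size pool block `pool` (MAX_ENTRIES entries). The advisory
 * describes a driver that skipped this validation and overflowed the pool. */
int ssdt_ioctl_dispatch(const ioctl_t *io, uint32_t *pool, uint32_t *copied)
{
    if (io->ioctl_code != IOCTL_SSDT_REQUEST)
        return STATUS_INVALID_DEVICE_REQUEST;
    /* 1. The header (count field) must be fully present in the input. */
    if (io->input_length < offsetof(ssdt_request_t, entries))
        return STATUS_BUFFER_TOO_SMALL;
    const ssdt_request_t *req = (const ssdt_request_t *)io->system_buffer;
    uint32_t count = req->count;          /* read once, never re-read */
    /* 2. The caller-declared count must fit the destination pool block. */
    if (count > MAX_ENTRIES)
        return STATUS_INVALID_PARAMETER;
    /* 3. The declared count must be backed by actual input bytes. */
    size_t needed = offsetof(ssdt_request_t, entries) + (size_t)count * sizeof(uint32_t);
    if (io->input_length < needed)
        return STATUS_BUFFER_TOO_SMALL;
    memcpy(pool, req->entries, (size_t)count * sizeof(uint32_t));
    *copied = count;
    return STATUS_SUCCESS;
}
```

In a real WDM driver the same three checks are made against Parameters.DeviceIoControl.InputBufferLength in the IRP stack location before any copy into a pool allocation.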

Exploit

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2018-20331

Affected Products

Antiy Avl Atool
Ssdt.Sys