CVE-2016-9569

Name of the Vulnerable Software and Affected Versions Carbon Black version 5.1.1.60603

Description The issue allows local users with admin privileges to cause a denial of service, resulting in an out-of-bounds read and system crash. This is achieved via a large counter value in an IOCTL call, specifically the 0x62430028 call.

Recommendations For Carbon Black version 5.1.1.60603, consider restricting access to the cbstream.sys driver to minimize the risk of exploitation. As a temporary workaround, avoid using large counter values in the 0x62430028 IOCTL call until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.