CVE-2021-42994

Name of the Vulnerable Software and Affected Versions Donglify versions 1.0.12310 through 1.7.14109

Description The issue allows local attackers to execute arbitrary code in kernel mode or cause a denial of service, resulting in memory corruption and OS crash, via specially crafted I/O Request Packet. This is due to a Buffer Overflow in the IOCTL Handler 0x22001B.

Recommendations For Donglify versions 1.0.12310 through 1.7.14109, as a temporary workaround, consider restricting access to the IOCTL Handler 0x22001B to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.