PT-2021-23898 · Amazon · Amazon Workspaces Agent

Kasif Dekel · Published 2021-12-07 · Updated 2021-12-09 · CVE-2021-43638

CVSS v3.1: 8.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Amazon WorkSpaces agent versions prior to 1.0.1.1537
Description: The issue is an Integer Overflow in the Amazon WorkSpaces agent. It affects the IOCTL Handler 0x22001B and allows local attackers, via specially crafted I/O Request Packets, to execute arbitrary code in kernel mode or cause a denial of service, resulting in memory corruption and OS crash.
Recommendations: For versions prior to 1.0.1.1537, update to version 1.0.1.1537 or later to resolve the issue. As a temporary workaround, consider restricting access to the IOCTL Handler 0x22001B to minimize the risk of exploitation.

Exploit

Fix

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2021-43638

Affected Products

Amazon Workspaces Agent