PT-2023-9403 · Microsoft · Windows Server 2022+5

Ricardo Narvaja · Published 2023-12-20 · Updated 2024-08-19 · CVE-2024-6768

CVSS v4.0: 6.8 (Medium)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 (affected versions not specified)
Description: A Denial of Service in the CLFS.sys driver allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. The vulnerability is caused by improper validation of specified quantities in input data, leading to an unrecoverable inconsistency. This flaw can be exploited to crash systems repeatedly, disrupting operations. The estimated number of potentially affected devices worldwide is not specified.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BDU:2024-07225
CVE-2024-6768

Affected Products

Clfs.Sys
Windows 10
Windows 11
Windows Server 2016
Windows Server 2019
Windows Server 2022