CVE-2024-36055

Name of the Vulnerable Software and Affected Versions Marvin Test HW.exe versions prior to 5.0.5.0

Description The issue allows unprivileged user-mode processes to arbitrarily map physical memory with read/write access via the MmMapIoSpace API, leading to a denial of service (BSOD). The MmMapIoSpace API is accessed through specific IOCTL codes, including 0x9c40a4f8, 0x9c40a4e8, 0x9c40a4c0, 0x9c40a4c4, 0x9c40a4ec, and seven others.

Recommendations For versions prior to 5.0.5.0, update to version 5.0.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the MmMapIoSpace API to minimize the risk of exploitation.