CVE-2025-61155

Name of the Vulnerable Software and Affected Versions GameDriverX64.sys versions 7.23.4.7 and earlier

Description The GameDriverX64.sys kernel-mode anti-cheat driver contains an access control issue in one of its IOCTL handlers. A user-mode process can send specially crafted IOCTL requests to the driver. These requests are executed in kernel-mode without proper authentication or access validation, potentially allowing an attacker to terminate arbitrary processes, including critical system and security services, without administrative privileges. The affected driver is signed. The vulnerability allows for a local denial of service by crashing arbitrary processes. The vulnerable component utilizes functions such as IoCreateDevice, IoCreateSymbolicLink, and ZwTerminateProcess. The API endpoint used for exploitation involves sending IOCTL requests to the driver. The vulnerable parameter is the crafted IOCTL request itself.

Recommendations Versions prior to 7.23.4.7 should be updated.