CVE-2021-23886

Summary

Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.

Affected Software

VendorProductVersion RangeStatus
McAfee,LLCMcAfee Data Loss Prevention (DLP) Endpoint for Windowsunspecified < 10.6.100.41affected

Weaknesses

  • CWE-755: CWE-755: Improper Handling of Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

References