CVE-2021-23886
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| McAfee,LLC | McAfee Data Loss Prevention (DLP) Endpoint for Windows | unspecified < 10.6.100.41 | affected |
Weaknesses
- CWE-755: CWE-755: Improper Handling of Exceptional Conditions
ADP Enrichment
CVE Program Container
Additional References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10354
- https://kc.mcafee.com/corporate/index?page=content&id=SB10357
References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10354
- https://kc.mcafee.com/corporate/index?page=content&id=SB10357
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.