CVE-2024-45383

Summary

A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can execute malicious script/application to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
MicrosoftHDAudBus.sys10.0.19041.3636 (WinBuild.160101.0800)affected

Weaknesses

  • CWE-664: CWE-664: Improper Control of a Resource Through its Lifetime

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References