2011-06-11 09:39:31 UTC
vulnerability has been found in DCPP but I am unable to work out how serious it
is and what implications it has for my data, could anyone with knowledge tell
me how serious this bug is?
What does exactly mean for the user that execution of arbitrary code can be
executed in the kernel? All I want to know is if my data is safe using
DriveCrypt full disk encryption or I must get something else, thank you.
Secunia Advisory SA42881
DriveCrypt "DCR.sys" IOCTL Handling Privilege Escalation Vulnerability
A vulnerability has been discovered in DriveCrypt, which can be exploited by
malicious, local users to gain escalated privileges.
The vulnerability is caused due to an error in the "DCR.sys" driver when
processing IOCTLs and can be exploited to corrupt memory via a specially
crafted 0x00073800 IOCTL.
Successful exploitation allows execution of arbitrary code in the kernel.
The vulnerability is confirmed in version 5.4. Other versions may also be