Matt Andreko
The Evil Bit Blog
rewt dance
Yet Another Security Blog
Malware, Vulnerabilities, Exploits and more . . .
Last November I reported a kernel vulnerability to CERT/CC for their help in coordinating the disclosure as it impacted dozens of vendors including Google Drive File Stream (GDFS).
The vulnerability was a stack-based buffer overflow in Dokany’s kernel mode file system driver and has been assigned cve id of CVE-2018-5410. With Dokany you can create your own virtual file system without writing device drivers. The code is open source and is being used in dozens of projects listed here . A handful of products were tested and are all shipped with Dokany’s compiled package with the exception of GDFS where parts of the code have been changed and signed by Google.
Matt Andreko
The Evil Bit Blog
rewt dance
Yet Another Security Blog