GHSA-wm74-h69m-r7vvHighCVSS 7.5
In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the...
🔗 CVE IDs covered (1)
📋 Description
In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash.