CVE-2022-25949
https://notcve.org/view.php?id=CVE-2022-25949
The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow. El controlador de modo kernel kwatch3 de KINGSOFT Internet Security 9 Plus Versión 2010.06.23.247, no maneja apropiadamente las entradas diseñadas, conllevando a un desbordamiento de búfer en la región stack de la memoria • https://github.com/tandasat/CVE-2022-25949 https://jvn.jp/en/jp/JVN21234459 https://support.kingsoft.jp/support-info/weakness.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2018-9151
https://notcve.org/view.php?id=CVE-2018-9151
A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030. Una vulnerabilidad de desreferencia de puntero NULL en la función ObReferenceObjectByHandle en el controlador del kernel KWatch3.sys de Kingsoft Internet Security 9+ permite que los usuarios no privilegiados locales cierren el sistema de manera inesperada mediante la llamada IOCTL 0x80030030. • http://seclists.org/fulldisclosure/2018/Mar/78 • CWE-476: NULL Pointer Dereference •