VYPR

SD card reader driver

by Realtek

CVEs (2)

  • CVE-2024-40431HigOct 23, 2024
    risk 0.59cvss 8.8epss 0.01

    A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as a low-privileged user.

  • CVE-2024-40432MedOct 23, 2024
    risk 0.42cvss 6.5epss 0.00

    A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privileged attacker to crash the OS.