Particulars have emerged a couple of excessive severity safety vulnerability affecting a software program driver utilized in HP, Xerox, and Samsung printers that has remained undetected since 2005.
Tracked as(CVSS rating: 8.8), the problem considerations a buffer overflow in a print driver installer bundle named “SSPORT.SYS” that may allow distant privilege and arbitrary code execution. A whole bunch of thousands and thousands of printers have been launched worldwide to this point with the susceptible driver in query.
Nevertheless, there isn’t a proof that the flaw was abused in real-world assaults.
“A possible buffer overflow within the software program drivers for sure HP LaserJet merchandise and Samsung product printers may result in an escalation of privilege,” in keeping with an advisory printed in Could.
The problem was reported to HP by menace intelligence researchers from SentinelLabs on February 18, 2021, following whichhave been for the affected printers as of Could 19, 2021.
Particularly, the problem hinges on the truth that the printer driver would not sanitize the dimensions of the person enter, doubtlessly permitting an unprivileged person to run code in kernel mode.
“The susceptible operate inside the driving force accepts knowledge despatched from Consumer Mode by way of(Enter/Output Management) with out validating the dimensions parameter,” SentinelOne researcher Asaf Amir in a report shared with The Hacker Information. “This operate copies a string from the person enter utilizing ‘ ‘ with a dimension parameter that’s managed by the person. Basically, this permits attackers to overrun the buffer utilized by the driving force.”
Curiously, it seems that HP copied the driving force’s performance from aprinted by Microsoft, though the pattern undertaking in itself would not comprise the vulnerability.
This isn’t the primary time safety flaws have been found in previous software program drivers. Earlier this Could, SentinelOne revealed particulars about a number of vital privilege escalation vulnerabilities in Dell’s firmware replace driver named “” that went undisclosed for greater than 12 years.