CVE-2025-67246

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses. The handler maps arbitrary physical memory via MmMapIoSpace and copies data back to user mode without verifying the caller's privileges or the target address range. This allows unprivileged users to read arbitrary physical memory, potentially exposing kernel data structures, kernel pointers, security tokens, and other sensitive information. This vulnerability can be further exploited to bypass the Kernel Address Space Layout Rules (KASLR) and achieve local privilege escalation.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
http://ludashi.com	Product
https://github.com/CDipper/CVE-Publication	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ludashi:ludashi_driver:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-01-15 16:16

Updated : 2026-01-23 18:03

NVD link : CVE-2025-67246

Mitre link : CVE-2025-67246

CVE.ORG link : CVE-2025-67246

JSON object : View

Products Affected

ludashi

ludashi_driver

CWE

CWE-269

Improper Privilege Management

CWE-732

Incorrect Permission Assignment for Critical Resource

7.3 /10