Details have emerged about a high-severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005.
Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named "SSPORT.SYS" that can enable remote privilege and arbitrary code execution. Hundreds of millions of printers have been released worldwide to date with the vulnerable driver in question.
However, there is no evidence that the flaw was abused in real-world attacks.
"A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege," according to an advisory published in May.
The issue was reported to HP by threat intelligence researchers from SentinelLabs on February 18, 2021, following which remedies have been published for the affected printers as of May 19, 2021.
Specifically, the issue hinges on the fact that the printer driver doesn't sanitize the size of the user input, potentially allowing an unprivileged user to escalate privileges and run malicious code in kernel mode on systems that have the buggy driver installed.
"The vulnerable function inside the driver accepts data sent from User Mode via IOCTL (Input/Output Control) without validating the size parameter," SentinelOne researcher Asaf Amir said in a report shared with The Hacker News. "This function copies a string from the user input using 'strncpy' with a size parameter that is controlled by the user. Essentially, this allows attackers to overrun the buffer used by the driver."
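The bug class described above, as an added user-space model in C (not code from SSPORT.SYS, HP, or the SentinelOne report): a handler that trusts a caller-supplied length next to one that validates it first. The struct layout, buffer sizes, and function names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define NAME_LEN 32                 /* hypothetical size of the driver's buffer */

/* Hypothetical request layout: the caller states how many bytes to copy. */
struct ioctl_req {
    size_t size;                    /* caller-controlled length */
    char   data[256];               /* caller-controlled string */
};

struct dev_state { char name[NAME_LEN]; int flag; };

/* Flawed pattern, shown for contrast: the strncpy bound comes from the
 * caller, so it says nothing about the size of the destination. */
int handle_unchecked(struct dev_state *st, const struct ioctl_req *req)
{
    strncpy(st->name, req->data, req->size);  /* overruns name if size > NAME_LEN */
    return 0;
}

/* Hardened form: every length is checked against what was actually received
 * and against the destination before any byte is copied. */
int handle_checked(struct dev_state *st, const void *in, size_t in_len)
{
    const struct ioctl_req *req = in;
    const char *nul;
    size_t len;

    if (in == NULL || in_len < sizeof(*req))
        return -1;                            /* short or missing input buffer */
    if (req->size == 0 || req->size > sizeof(req->data))
        return -1;                            /* claims more than was sent */

    /* Length of the string actually present, bounded by the claimed size. */
    nul = memchr(req->data, '\0', req->size);
    len = nul ? (size_t)(nul - req->data) : req->size;
    if (len >= sizeof(st->name))
        return -1;                            /* no room for the terminator */

    memcpy(st->name, req->data, len);
    st->name[len] = '\0';                     /* strncpy would not guarantee this */
    return 0;
}
```

The checked handler rejects the request outright instead of truncating, so state is left untouched on a bad length.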
Interestingly, it appears that HP copied the driver's functionality from a near-identical Windows driver sample published by Microsoft, although the sample project itself doesn't contain the vulnerability.
This is not the first time security flaws have been discovered in old software drivers. Earlier this May, SentinelOne revealed details about multiple critical privilege escalation vulnerabilities in Dell's firmware update driver named "dbutil_2_3.sys" that went undisclosed for more than 12 years.