CVE-2025-24067
mskssrv.sys — heap-based buffer overflow via crafted IOCTL request
Summary
| Field | Value |
|---|---|
| Driver | mskssrv.sys (Microsoft Kernel Streaming Server) |
| Vulnerability Class | Buffer Overflow (Heap) |
| CVSS | 7.8 |
| Exploited in the wild (ITW) | No |
| Patch Date | March 11, 2025 |
Root Cause
Heap-based buffer overflow in the Microsoft Kernel Streaming Server driver, triggered by a crafted IOCTL request. Like CVE-2025-24066, this bug is part of the DEVCORE kernel streaming attack surface research (Pwn2Own 2024 and follow-up).
Exploitation
A locally authenticated attacker sends a crafted IOCTL to overflow a heap buffer in the non-paged pool.
Exploitation Primitive
Crafted IOCTL → heap buffer overflow in mskssrv.sys → adjacent pool corruption → SYSTEM