CVE-2025-54110
ntoskrnl.exe — integer overflow allows elevation of privilege
Summary
| Field | Value |
|---|---|
| Driver | ntoskrnl.exe |
| Vulnerability Class | Integer Overflow |
| CVSS | 7.8 |
| Exploited ITW | No |
| Patch Date | September 9, 2025 |
Root Cause
An integer overflow in the NT kernel occurs during size calculations for a kernel buffer allocation. The overflow causes an undersized allocation, and subsequent writes overflow the buffer.
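The bug class described above, as an added generic illustration; it is not code from ntoskrnl.exe or from this advisory. The 32-bit width, the 16-byte header and all function names are assumptions chosen to show an unchecked size calculation beside a checked one.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout: fixed header followed by `count` elements. */
#define HDR_SIZE 16u

/* Unchecked pattern: 32-bit multiply and add wrap silently, so a huge
 * request can yield a tiny allocation size. */
uint32_t alloc_size_unchecked(uint32_t count, uint32_t elem_size)
{
    return HDR_SIZE + count * elem_size;
}

/* Checked form: fail the request when the true size does not fit in
 * 32 bits. One division covers both the multiply and the add. */
bool alloc_size_checked(uint32_t count, uint32_t elem_size, uint32_t *out)
{
    if (elem_size != 0 && count > (UINT32_MAX - HDR_SIZE) / elem_size)
        return false;
    *out = HDR_SIZE + count * elem_size;
    return true;
}

/* Bytes a later copy loop over `count` elements would touch,
 * computed in 64 bits so nothing is truncated. */
uint64_t bytes_written(uint32_t count, uint32_t elem_size)
{
    return (uint64_t)HDR_SIZE + (uint64_t)count * elem_size;
}

int main(void)
{
    /* Constructed inputs: (count, elem_size) pairs. */
    uint32_t cases[][2] = { {4, 16}, {0x10000001u, 16}, {0x0FFFFFFFu, 16} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint32_t n = cases[i][0], sz = cases[i][1], safe = 0;
        bool ok = alloc_size_checked(n, sz, &safe);
        printf("count=%#x alloc=%u write=%llu checked=%s\n",
               (unsigned)n, (unsigned)alloc_size_unchecked(n, sz),
               (unsigned long long)bytes_written(n, sz),
               ok ? "accepted" : "rejected");
    }
    return 0;
}
```

In Windows kernel-mode code the same check is normally written with the `ntintsafe.h` helpers such as `RtlULongMult` and `RtlULongAdd`, which return a failure status instead of wrapping.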
Exploitation
The attacker triggers the integer overflow through specific system calls. The undersized allocation followed by a larger write provides a heap overflow primitive for SYSTEM escalation.
Exploitation Primitive
Crafted syscall → integer overflow in size calculation
→ undersized allocation → heap overflow → SYSTEM