Paolo Stagno
I can see your point in having DriverBuddyReloaded recognize the above-mentioned case; unfortunately, it is easier said than done. At the beginning of the development, I decided to exclude this...
~On second thought, the implementation at:~ On third thought, the implementation at: - https://github.com/VoidSec/DriverBuddyReloaded/blob/a07d9196cbcc1ffc7fa2d668dfcae85de3663a19/DriverBuddyReloaded/dump_pool_tags.py#L6 ~already use IDA Tag information to find and report the tag, it seems an implementation bug...
Thank you, it would be a really good idea to have something like that! I do not have any timeframe yet to implement that but I'll try. - https://learn.microsoft.com/en-us/windows-hardware/drivers/kernel/irp-major-function-codes **Enums**...
Yeah, your tool was extremely helpful to map out a nice subset. Thank you for the tool. :) Tomorrow I will check the fix and close the issue if everything...
Following @lumip's analysis and my preliminary triage, we're pretty confident that the mentioned vulnerabilities cannot be exploited further than causing a Denial of Service (DoS) on the Clementine client. For...
It was tested starting from IDA 7.6 but shouldn't be mandatory. Which version of Python are you on?
Would you mind sharing the driver causing the error?
Tested on IDA 7.6 on Python 3.10.4, fixed in https://github.com/VoidSec/DriverBuddyReloaded/releases/tag/1.6
@rjt-gupta would you mind sharing the driver causing the error? You can send me an email at voidsec[at]voidsec.com if you'd like to keep it private.
@HongThatCong thank you very much for pointing that out! I'll update the readme in order to reflect that requirement.