Allele Security Alert
ASA-2019-00037, CVE-2018-5410, KB003
Buffer overflow in Windows filesystem driver
Keybase before 2.12.3-20181221135356
Proof of concept
On Windows, the Keybase filesystem optionally mounts via drivers provided by the Dokan project. A stack-based buffer overflow in the dokan driver has been discovered. Dokan was not checking the length of the path argument during mount.
Buffer overflow in Windows filesystem driver (KB003)
update dokan to 126.96.36.1990
sys – Fix Buffer Overflow by adding mount length path check
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: February 2, 2019