{"id":124563,"date":"2024-08-13T09:08:02","date_gmt":"2024-08-13T00:08:02","guid":{"rendered":"https:\/\/softantenna.com\/blog\/?p=124563"},"modified":"2024-08-13T09:08:02","modified_gmt":"2024-08-13T00:08:02","slug":"windows-10-11-cve-2024-6768","status":"publish","type":"post","link":"https:\/\/softantenna.com\/blog\/windows-10-11-cve-2024-6768\/","title":{"rendered":"Windows 11\/10\u306bBSOD\u3092\u5f15\u304d\u8d77\u3053\u3059\u65b0\u305f\u306a\u8106\u5f31\u6027CVE-2024-6768\u304c\u767a\u898b\u3055\u308c\u308b"},"content":{"rendered":"<p><img decoding=\"async\" style=\"display:block; margin-left:auto; margin-right:auto;\" src=\"https:\/\/softantenna.com\/blog\/wp-content\/uploads\/2020\/06\/security-protection-anti-virus-software-60504.jpeg\" alt=\"Security protection anti virus software 60504\" title=\"security-protection-anti-virus-software-60504.jpeg\" border=\"0\" width=\"1280\" height=\"853\" \/><\/p>\n<p>\u5148\u6708\u306f<a href=\"https:\/\/softantenna.com\/blog\/microsoft-explains-crowdstrike-outage\/\">CrowdStrike\u306e\u4e0d\u5177\u5408<\/a>\u306b\u3088\u308a\u3001\u4e16\u754c\u4e2d\u306e\u591a\u304f\u306ePC\u3067\u30d6\u30eb\u30fc\u30b9\u30af\u30ea\u30fc\u30f3\u304c\u767a\u751f\u3057\u3001\u30b7\u30b9\u30c6\u30e0\u304c\u505c\u6b62\u3059\u308b\u3068\u3044\u3046\u5927\u304d\u306a\u554f\u984c\u304c\u767a\u751f\u3057\u307e\u3057\u305f\u3002<\/p>\n<p>CrowdStrike\u306eBSOD\u969c\u5bb3\u306f\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306e\u5931\u6557\u304c\u539f\u56e0\u3067\u3057\u305f\u304c\u3001\u4eca\u56de\u3001\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f01\u696dFortra\u306f\u3001BSOD\u3092\u5f15\u304d\u8d77\u3053\u3059\u65b0\u305f\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u6b20\u9665\u304cWindows\u30c9\u30e9\u30a4\u30d0\u306b\u5b58\u5728\u3059\u308b\u3053\u3068\u3092\u767a\u898b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>Common Log File System\u306e\u51e6\u7406\u3092\u62c5\u5f53\u3059\u308bWindows\u306eCLFS.SYS\u30c9\u30e9\u30a4\u30d0\u304c\u554f\u984c\u306e\u6839\u6e90\u3067\u3001\u5165\u529b\u306e\u4e0d\u9069\u5207\u306a\u691c\u8a3c\u306b\u3088\u3063\u3066\u5f15\u304d\u8d77\u3053\u3055\u308c\u3001\u6700\u7d42\u7684\u306bBSOD\u304c\u767a\u751f\u3059\u308b\u3068\u306e\u3053\u3068\u3002\u5b8c\u5168\u306b\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3055\u308c\u305fWindows 10\/11\u30b7\u30b9\u30c6\u30e0\u3067\u3082\u3053\u306e\u8106\u5f31\u6027\u306e\u5f71\u97ff\u3092\u3046\u3051\u3001\u60aa\u610f\u306e\u3042\u308b\u30e6\u30fc\u30b6\u30fc\u304c\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3066\u3001\u30b7\u30b9\u30c6\u30e0\u3092\u7e70\u308a\u8fd4\u3057\u30af\u30e9\u30c3\u30b7\u30e5\u3055\u305b\u308b\u3053\u3068\u304c\u53ef\u80fd\u3068\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u554f\u984c\u306f\u3001CVE-2024-6768\u3067\u8ffd\u8de1\u3055\u308c\u3066\u304a\u308a\u3001Fortra\u306eNicardo Narvaja\u6c0f\u306f\u6b21\u306e\u3088\u3046\u306b\u8aac\u660e\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<blockquote><p>\nCVE-2024-6768 is a vulnerability in the Common Log File System (CLFS.sys) driver of Windows, caused by improper validation of specified quantities in input data. This flaw leads to an unrecoverable inconsistency, triggering the KeBugCheckEx function and resulting in a Blue Screen of Death (BSoD). The issue affects all versions of Windows 10 and Windows 11, despite having all updates applied.<\/p>\n<p>CVE-2024-6768 \u306f\u3001Windows \u306e Common Log File System (CLFS.sys) \u30c9\u30e9\u30a4\u30d0\u306b\u5b58\u5728\u3059\u308b\u8106\u5f31\u6027\u3067\u3001\u5165\u529b\u30c7\u30fc\u30bf\u4e2d\u306e\u6307\u5b9a\u6570\u91cf\u306e\u4e0d\u9069\u5207\u306a\u691c\u8a3c\u306b\u3088\u308a\u767a\u751f\u3057\u307e\u3059\u3002\u3053\u306e\u6b20\u9665\u306b\u3088\u308a\u3001\u56de\u5fa9\u4e0d\u53ef\u80fd\u306a\u4e0d\u6574\u5408\u304c\u767a\u751f\u3057\u3001KeBugCheckEx\u95a2\u6570\u304c\u30c8\u30ea\u30ac\u30fc\u3055\u308c\u3001\u30d6\u30eb\u30fc\u30b9\u30af\u30ea\u30fc\u30f3\u30aa\u30d6\u30c7\u30b9\uff08BSoD\uff09\u304c\u767a\u751f\u3057\u307e\u3059\u3002\u3053\u306e\u554f\u984c\u306f\u3001\u3059\u3079\u3066\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u304c\u9069\u7528\u3055\u308c\u3066\u3044\u308b\u306b\u3082\u304b\u304b\u308f\u3089\u305a\u3001Windows 10\u304a\u3088\u3073Windows 11\u306e\u3059\u3079\u3066\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u5f71\u97ff\u3057\u307e\u3059\u3002<\/p>\n<p>A Proof of Concept (PoC) shows that by crafting specific values within a .BLF file, an unprivileged user can induce a system crash. The potential problems include system instability and denial of service, as malicious users can exploit this vulnerability to repeatedly crash affected systems, disrupting operations and potentially causing data loss.<\/p>\n<p>\u6982\u5ff5\u5b9f\u8a3c\uff08PoC\uff09\u306f\u3001.BLF\u30d5\u30a1\u30a4\u30eb\u5185\u306e\u7279\u5b9a\u306e\u5024\u3092\u7d30\u5de5\u3059\u308b\u3053\u3068\u3067\u3001\u975e\u7279\u6a29\u30e6\u30fc\u30b6\u30fc\u304c\u30b7\u30b9\u30c6\u30e0\u30af\u30e9\u30c3\u30b7\u30e5\u3092\u8a98\u767a\u3067\u304d\u308b\u3053\u3068\u3092\u793a\u3057\u3066\u3044\u308b\u3002\u60aa\u610f\u306e\u3042\u308b\u30e6\u30fc\u30b6\u30fc\u304c\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u3001\u5f71\u97ff\u3092\u53d7\u3051\u305f\u30b7\u30b9\u30c6\u30e0\u3092\u7e70\u308a\u8fd4\u3057\u30af\u30e9\u30c3\u30b7\u30e5\u3055\u305b\u3001\u30aa\u30da\u30ec\u30fc\u30b7\u30e7\u30f3\u3092\u4e2d\u65ad\u3055\u305b\u3001\u30c7\u30fc\u30bf\u640d\u5931\u3092\u5f15\u304d\u8d77\u3053\u3059\u53ef\u80fd\u6027\u304c\u3042\u308b\u305f\u3081\u3001\u6f5c\u5728\u7684\u306a\u554f\u984c\u3068\u3057\u3066\u306f\u3001\u30b7\u30b9\u30c6\u30e0\u306e\u4e0d\u5b89\u5b9a\u6027\u3084\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u306a\u3069\u304c\u3042\u308b\u3002\n<\/p><\/blockquote>\n<p>\u5e78\u3044(?)\u3001\u30ed\u30fc\u30ab\u30eb\u653b\u6483\u3067\u3042\u308b\u305f\u3081\u3001CLFS\u306e\u30d9\u30fc\u30b9\u30fb\u30ed\u30b0\u30fb\u30d5\u30a1\u30a4\u30eb(BLF)\u3092\u64cd\u4f5c\u3057\u3088\u3046\u3068\u3059\u308b\u653b\u6483\u8005\u306f\u3001\u30b7\u30b9\u30c6\u30e0\u306b\u7269\u7406\u7684\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>\u4eca\u56de\u767a\u898b\u3055\u308c\u305f\u8106\u5f31\u6027\u306f\u3001Microsoft\u304c2023\u5e7411\u6708\u306e\u6708\u4f8b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0(Windows 10 KB5032189\u304a\u3088\u3073Windows 11 KB5032190\uff09\u3067\u5bfe\u51e6\u3057\u305fCVE-2023-36424 LPE(\u30ed\u30fc\u30ab\u30eb\u7279\u6a29\u306e\u6607\u683c)\u3068\u985e\u4f3c\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>Windows\u3067\u306f\u6700\u8fd1\u3001\u5b8c\u5168\u306b\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3055\u308c\u305fWindows PC\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u3068\u3044\u3046<a href=\"https:\/\/softantenna.com\/blog\/windows-downdate\/\">\u5225\u306e\u8106\u5f31\u6027<\/a>\u304c\u898b\u3064\u304b\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>[via <a href=\"https:\/\/www.neowin.net\/news\/windows-1110-system-driver-has-bsod-triggering-cve-2024-6768-flaw-on-fully-updated-pcs\/\">Neowin<\/a>]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5148\u6708\u306fCrowdStrike\u306e\u4e0d\u5177\u5408\u306b\u3088\u308a\u3001\u4e16\u754c\u4e2d\u306e\u591a\u304f\u306ePC\u3067\u30d6\u30eb\u30fc\u30b9\u30af\u30ea\u30fc\u30f3\u304c\u767a\u751f\u3057\u3001\u30b7\u30b9\u30c6\u30e0\u304c\u505c\u6b62\u3059\u308b\u3068\u3044\u3046\u5927\u304d\u306a\u554f\u984c\u304c\u767a\u751f\u3057\u307e\u3057\u305f\u3002 CrowdStrike\u306eBSOD\u969c\u5bb3\u306f\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306e\u5931\u6557\u304c\u539f\u56e0\u3067 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":124564,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"swell_btn_cv_data":"","footnotes":""},"categories":[3],"tags":[3298,2701,4387],"class_list":["post-124563","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-windows","tag-windows","tag-windows10","tag-windows11"],"_links":{"self":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts\/124563","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/comments?post=124563"}],"version-history":[{"count":0,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts\/124563\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/media\/124564"}],"wp:attachment":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/media?parent=124563"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/categories?post=124563"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/tags?post=124563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}