Buffer overflow in Windows filesystem driver (KB003)
2018 Dec 25
On Windows, the Keybase filesystem optionally mounts via drivers provided by the Dokan project. A stack-based buffer overflow in the dokan driver has been discovered by Parvez Anwar (@parvezghh) and reported by CERT Coordination Center as CVE-2018-5410. Dokan was not checking the length of the path argument during mount.
The immediate fix was a change to Fix Buffer Overflow by adding mount length path check. After Dokan released a version containing this fix, Keybase added the upgraded package version 22.214.171.1240 and added a check to not mount to older drivers , and included these in a hotfix update, version 2.12.3-20181221135356+d161abd500.
Keybase versions release prior to December 21, 2018 (commit 0752668), and prior to 2.12.3-20181221135356.
- 2018 December 11 — Dokan notifies Keybase of buffer overflow and upcoming release
- 2018 December 20 — Dokan announces release 126.96.36.1990 ahead of publication by CERT
- 2018 December 21 — New Keybase Windows release (2.12.3-20181221135356)
- 2018 Dec 25 — This announcement