### [CVE-2018-15499](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15499)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine.

### POC

#### Reference
- https://github.com/DownWithUp/CVE-2018-15499
- https://github.com/DownWithUp/CVE-2018-15499

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CrackerCat/Kernel-Security-Development
- https://github.com/DownWithUp/CVE-2018-15499
- https://github.com/DownWithUp/CVE-Stockpile
- https://github.com/ExpLife0011/awesome-windows-kernel-security-development
- https://github.com/Ondrik8/exploit
- https://github.com/anquanscan/sec-tools
- https://github.com/pravinsrc/NOTES-windows-kernel-links