CVE-2008-4363

DESlock+ 3.2.7 - Denial of Service via DLMFENC_IOCTL Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-4363. PoCs published by mu-b.

AI-analyzed exploit summary This exploit demonstrates a local kernel race condition in DESlock+ <= 3.2.7 by repeatedly allocating and freeing memory while issuing IOCTL requests to trigger a DoS. The race condition occurs between ProbeForRead/ProbeForWrite calls and pointer usage in the DLMFENC.sys driver.

Description

DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.

Exploits (2)

exploitdb WORKING POC VERIFIED
by mu-b · cdoswindows
https://www.exploit-db.com/exploits/6497

This exploit demonstrates a local kernel race condition in DESlock+ <= 3.2.7 by repeatedly allocating and freeing memory while issuing IOCTL requests to trigger a DoS. The race condition occurs between ProbeForRead/ProbeForWrite calls and pointer usage in the DLMFENC.sys driver.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Racy
Target: DESlock+ <= 3.2.7 (DLMFENC.sys 1.0.0.28)
No auth needed
Prerequisites: Local access to the system · DESlock+ driver installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by mu-b · cdoswindows
https://www.exploit-db.com/exploits/6498

This exploit targets a local kernel DoS vulnerability in DESlock+ <= 3.2.7 by sending a malformed IOCTL request to the DLKPFSD_Device driver, causing a call to ProbeForRead with a user-definable address. The PoC allocates a read-only memory page and triggers the vulnerability via DeviceIoControl.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: DESlock+ <= 3.2.7 (DLMFENC.sys 1.0.0.28)
No auth needed
Prerequisites: Local access to the system · DESlock+ driver installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2638
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31921
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/6498
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4342

Scores

EPSS 0.0118
EPSS Percentile 63.7%

Details

CWE
CWE-20
Status published
Products (1)
deslock/deslock 3.2.7
Published Sep 30, 2008
Tracked Since Feb 18, 2026