
Cloud Vulnerability DB
A community-led vulnerabilities database
A vulnerability in the Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before version 10.0.22000.21355 and the Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before version 10.0.22000.31274 provides unauthorized read and write access to the PCI configuration space of the device. The vulnerability affects laptops from multiple manufacturers, including Dell, Lenovo, HP, and MSI, that use Realtek SD card readers (GBHackers, CyberSecurityNews).
The vulnerability (CVE-2022-25478) enables access to the PCI configuration space through two control codes: 0x2D2190 for reading and 0x2D2194 for writing. These control codes act as wrappers for the GetSetDeviceData method of the BUS_INTERFACE_STANDARD driver interface. The affected SD card reader models include RTS5227, RTS5228, RTS522A, RTS5249, RTS524A, RTS5250, RTS525A, RTS5287, RTS5260, RTS5261, and RTS5264. Writing random values to the Base Address Registers (BARs) can trigger interrupt storms that render the operating system unusable (ZwClose).
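For driver reviewers, the two control codes named above can be decoded with the standard WDK `CTL_CODE` bit layout. This is an added example, not code from the original report or from Realtek; the struct and function names are assumptions made for illustration. It shows that both codes carry access bits of 0 (FILE_ANY_ACCESS), so the I/O manager itself does not demand read or write access on the handle for them.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields of a Windows I/O control code, as packed by the WDK CTL_CODE macro:
 * (DeviceType << 16) | (Access << 14) | (Function << 2) | Method
 * Struct and function names here are illustrative, not from the report. */
struct ioctl_fields {
    uint16_t device_type; /* bits 31..16 */
    uint8_t  access;      /* bits 15..14: 0 any, 1 read, 2 write, 3 read+write */
    uint16_t function;    /* bits 13..2; values >= 0x800 are vendor-defined */
    uint8_t  method;      /* bits 1..0: 0 buffered, 1/2 direct, 3 neither */
};

struct ioctl_fields decode_ioctl(uint32_t code)
{
    struct ioctl_fields f;
    f.device_type = (uint16_t)(code >> 16);
    f.access      = (uint8_t)((code >> 14) & 0x3);
    f.function    = (uint16_t)((code >> 2) & 0xFFF);
    f.method      = (uint8_t)(code & 0x3);
    return f;
}

/* 1 when the code itself requires no read or write access on the handle
 * (FILE_ANY_ACCESS); the driver must then do its own authorization. */
int ioctl_allows_any_access(uint32_t code)
{
    return decode_ioctl(code).access == 0;
}

int main(void)
{
    /* The read and write control codes given in the report. */
    const uint32_t codes[] = { 0x2D2190u, 0x2D2194u };
    static const char *access_names[] = { "ANY", "READ", "WRITE", "READ|WRITE" };

    for (size_t i = 0; i < sizeof codes / sizeof codes[0]; i++) {
        struct ioctl_fields f = decode_ioctl(codes[i]);
        printf("0x%06X: device=0x%02X function=0x%03X method=%u access=%s%s\n",
               (unsigned)codes[i], (unsigned)f.device_type, (unsigned)f.function,
               (unsigned)f.method, access_names[f.access],
               f.function >= 0x800 ? " (vendor-defined)" : "");
    }
    return 0;
}
```

When auditing a driver, any vendor-defined code that decodes to FILE_ANY_ACCESS and reaches hardware or bus interfaces deserves an explicit check of the device object's ACL and the handler's own caller validation.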
The vulnerability allows non-privileged users to access and modify the PCI configuration space, potentially causing system instability and denial of service through interrupt storms. The widespread use of these card readers across multiple laptop manufacturers amplifies the potential impact (GBHackers, CyberSecurityNews).
The vulnerability has been patched in RtsPer.sys version 10.0.26100.21374 or higher, released in July or August 2023. Users are strongly advised to update their SD card reader drivers to the latest version through their respective OEM channels (ZwClose).
Source: This report was generated using AI