CVE-2022-25480: 
Realtek RtsPer Card Reader Driver vulnerability analysis and mitigation

A vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before version 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before version 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP. The vulnerability was discovered in January 2022 and affects multiple laptop manufacturers including Dell and Lenovo (GBHackers, ZwClose Blog).

The vulnerability (CVE-2022-25480) involves improper handling of sense data and protocol arguments in the SCSI pass-through functionality, allowing indirect writes to kernel memory. The issue occurs when processing SCSIPASSTHROUGH_DIRECT control requests where the SenseInfoOffset field is not properly validated, enabling writes beyond the intended SystemBuffer. The vulnerability has a CVSS v3.1 Base Score of 7.8 HIGH (Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) (NVD).

The vulnerability allows non-privileged users to write to arbitrary kernel memory locations, potentially leading to privilege escalation and system compromise. Due to the widespread use of Realtek SD card readers across multiple laptop manufacturers including Dell, Lenovo, HP, and MSI, the impact affects a large number of systems (GBHackers).

Realtek has released patched versions of the drivers: RtsPer.sys version 10.0.22000.21355 and RtsUer.sys version 10.0.22000.31274 or later. Users and administrators should update their Realtek SD card reader drivers to these versions or later to address the vulnerability (Realtek Advisory).