This module exploits a vulnerability in the LoadContainerQ function within clfs.sys. The root cause of this vulnerability is that LoadContainerQ uses CLFS_CONTAINER_CONTEXT.pContainer without verifying whether the FlushImage function has invalidated the General Metadata Block.
CVE Link
Exploit Platform
Product Name