From 6338d513537a6872ef64cbe59b453a5e15d0dcc7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Herv=C3=A9=20Poussineau?= <hpoussin@reactos.org>
Date: Sat, 14 Sep 2024 09:15:51 +0200
Subject: [PATCH] [NTOS:EX] In NtSystemDebugControl, check for SeDebugPrivilege

---
 ntoskrnl/ex/dbgctrl.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ntoskrnl/ex/dbgctrl.c b/ntoskrnl/ex/dbgctrl.c
index dbb47793ee5..c6553324a80 100644
--- a/ntoskrnl/ex/dbgctrl.c
+++ b/ntoskrnl/ex/dbgctrl.c
@@ -218,6 +218,10 @@ NtSystemDebugControl(
     ULONG Length = 0;
     NTSTATUS Status;
 
+    /* Debugger controlling requires the debug privilege */
+    if (!SeSinglePrivilegeCheck(SeDebugPrivilege, PreviousMode))
+        return STATUS_ACCESS_DENIED;
+
     _SEH2_TRY
     {
         if (PreviousMode != KernelMode)