Skip to main content

Microsoft Windows Kernel-Mode Driver Elevation of Privilege Vulnerabilities

Last Update Date: 12 Mar 2015 Release Date: 11 Mar 2015 3762 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS
  1. Microsoft Windows Kernel Memory Disclosure Vulnerability
    An information disclosure vulnerability exists in the Windows kernel-mode driver that could allow the disclosure of kernel memory contents to an attacker. This vulnerability is caused when the Windows kernel-mode driver fails to initialize function buffers in a manner that removes the results of previous function calls.
  2. Win32k Elevation of Privilege Vulnerability
    An elevation of privilege vulnerability exists in the Windows kernel-mode driver that is caused when the kernel-mode driver fails to properly validate the calling thread's token.
  3. Microsoft Windows Kernel Memory Disclosure Vulnerability
    An information disclosure vulnerability exists in the Windows kernel-mode driver that could allow the disclosure of kernel memory contents to an attacker. This vulnerability is caused when the Windows kernel-mode driver leaks private address information during a function call.
  4. Microsoft Windows Kernel Memory Disclosure Vulnerability
    An information disclosure vulnerability exists in the Windows kernel-mode driver that could allow the disclosure of kernel memory contents to an attacker. This vulnerability is caused when the Windows kernel-mode driver dereferences a NULL pointer. The NULL page is not typically allocated or mapped, so if the kernel dereferences a NULL pointer the usual result is a blue-screen condition. However, a blue-screen condition can be avoided if the NULL page is mapped and, because the NULL page resides in the user-mode memory address space, the attacker can copy kernel information into the NULL page and read its contents. This attack vector is not viable when NULL page mapping is disabled, which is the default state in Windows 8 and later operating systems.

 


Impact

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure

System / Technologies affected

  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2
  • Windows 8 and Windows 8.1
  • Windows Server 2012 and Windows Server 2012 R2
  • Windows RT and Windows RT 8.1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link