5 matches found
Windows Kernel 64-bit pool memory disclosure in NtQueryVirtualMemory(MemoryMappedFilenameInformation)(CVE-2018-0894)
We have discovered that the nt!NtQueryVirtualMemory system call invoked with the 2 information class MemoryMappedFilenameInformation discloses portions of uninitialized kernel pool memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10. The output buffer for thi...
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) 64-bit Pool Memory Disclosure
Microsoft Windows Kernel - NtQueryVirtualMemoryMemoryMappedFilenameInformation 64-bit Pool Memory Disclosure / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the 2 information class MemoryMappedFilenameInformation discloses portions of uninitialized kernel pool memor...
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) 64-bit Pool Memory
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the 2 information class MemoryMappedFilenameInformation discloses portions of uninitialized kernel pool memory to user-mode clients. The vulnerability affects 64-bit...
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) Double-Write Ring-0
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1456 We have discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a race-condition in the implementation of the NtQueryVirtualMemory...
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) Double-Write Ring-0 Address Leak
Microsoft Windows Kernel - NtQueryVirtualMemoryMemoryMappedFilenameInformation Double-Write Ring-0 Address Leak / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1456 We have discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a...