Windows Kernel 64-bit stack memory disclosure in win32k!XDCOBJ::RestoreAttributes(CVE-2018-0811)

We have discovered that the win32k!XDCOBJ::RestoreAttributes function leaks portions of uninitialized kernel stack memory to user-mode address space on Windows 7 to 10. It was confirmed on 64-bit platforms, 32-bit builds were not tested. The overall copied memory area is 0x1a0 bytes long, 4 of...