header-logo
Suggest Exploit
vendor:
Window 7 32-bit
by:
Google Security Research
7,8
CVSS
HIGH
Use-After-Free
416
CWE
Product Name: Window 7 32-bit
Affected Version From: Window 7 32-bit
Affected Version To: Window 7 32-bit
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2013

Use-After-Free Vulnerability in Window 7 32-bit with Special Pool Enabled on win32k.sys

The attached testcase crashes Window 7 32-bit with Special Pool enabled on win32k.sys due to a use-after-free condition. The bug appears to be a race condition between two threads and multiple runs on the PoC might be required to trigger the bug. This is more reliable on systems with multiple cores.

Mitigation:

Enabling Special Pool on win32k.sys can help mitigate the vulnerability.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=509

The attached testcase crashes Window 7 32-bit with Special Pool enabled on win32k.sys due to a use-after-free condition. The bug appears to be a race condition between two threads and multiple runs on the PoC might be required to trigger the bug. This is more reliable on systems with multiple cores.
---


Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38795.zip

Navigation

Suggest Exploit

Services By CQR