header-logo
Suggest Exploit
vendor:
Unknown
by:
Google Security Research
7,8
CVSS
HIGH
Memory Access
119
CWE
Product Name: Unknown
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: Unknown
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
Unknown

Freed memory is accessed after switching between two desktops of which one is closed

This vulnerability occurs when a user switches between two desktops of which one is closed. The testcase crashes with and without special pool enabled. The attached crash output is with special enabled on win32k.sys and ntoskrnl.sys.

Mitigation:

Ensure that all desktops are closed before switching between them.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=335

Freed memory is accessed after switching between two desktops of which one is closed. The testcase crashes with and without special pool enabled. The attached crash output is with special enabled on win32k.sys and ntoskrnl.sys.

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38267.zip

Navigation

Suggest Exploit

Services By CQR