Microsoft Windows Kernel Ring-0 Address Leak

It was discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a race-condition in the implementation of the NtQueryVirtualMemory system call (information class 2, MemoryMappedFilenameInformation). The vulnerability affects Windows 7 to 10, 32-bit and 64-bit.


MD5 | 4bb20d0c4e7b2208fd33f054d9383332


Related Posts