Windows Kernel 64-bit pool memory... CVE-2018-0899 CNNVD-201803-503

1.9 AV AC AU C I A
Published: 2018-03-14
Revised: 2018-04-05

We have discovered a Windows kernel memory disclosure vulnerability through the body of "AllocConfig" registry values (of type REG_RESOURCE_LIST) corresponding to devices handled by videoprt.sys, which can be found under HKLM\SYSTEM\CurrentControlSet\Enum\*\*\*\Control\AllocConfig. The vulnerability affects 64-bit versions of Windows 7 to 10, and is very similar to Issue #1473. The leak was originally detected under the following stack trace (Windows 7):

```
kd> k
 # Child-SP          RetAddr           Call Site
00 fffff880`020a68a8 fffff800`0295bdaa nt!memcpy+0x3
01 fffff880`020a68b0 fffff800`0295c30f nt!CmpQueryKeyValueData+0xea
02 fffff880`020a6940 fffff800`0296107f nt!CmQueryValueKey+0x1af
03 fffff880`020a6a20 fffff800`0268d093 nt!NtQueryValueKey+0x37d
04 fffff880`020a6bb0 00000000`772abeaa nt!KiSystemServiceCopyEnd+0x13
05 00000000`007aeb18 00000000`77153dec ntdll!ZwQueryValueKey+0xa
06 00000000`007aeb20 00000000`77153ff2 kernel32!LocalBaseRegQueryValue+0x17c
07 00000000`007aeca0...
```

There is currently 1 exploit/PoC entry.
There are currently 14 affected product entries.