Exploring a New Class of Kernel Exploit Primitive

MSRC

The security landscape is dynamic and changes often, and as a result attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen when kernel-mode code does not validate that pointers read from attacker-controlled input actually point to the user-mode portion of the Virtual Address Space (VAS).
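
A user-space C model of the missing check described above, added here as an example and not taken from MSRC's post. The boundary constant, the request layout and every function name are assumptions made for illustration; the handlers only record the address they would read from.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>

/* Assumed boundary for this model: addresses at or above it are kernel-mode. */
#define USER_PROBE_LIMIT 0x00007FFFFFFF0000ULL

/* Constructed request layout: both fields come from attacker-controlled input. */
struct request {
    uint64_t buf;   /* pointer value embedded in the input buffer */
    uint64_t len;   /* number of bytes the handler will read from buf */
};

enum status { STATUS_OK = 0, STATUS_ACCESS_VIOLATION = -1 };

/* True only if [addr, addr+len) lies wholly below the user/kernel boundary. */
bool range_is_user(uint64_t addr, uint64_t len)
{
    if (len == 0)
        return true;                       /* nothing will be dereferenced */
    if (addr >= USER_PROBE_LIMIT)
        return false;                      /* starts in kernel space */
    if (len > USER_PROBE_LIMIT - addr)
        return false;                      /* straddles the boundary or wraps */
    return true;
}

/* Missing check: any 64-bit value in req->buf would be read. */
enum status handler_unchecked(const struct request *req, uint64_t *read_from)
{
    *read_from = req->buf;                 /* model only: records the address */
    return STATUS_OK;
}

/* Hardened: capture the fields once, validate, then use the captured copy. */
enum status handler_checked(const struct request *req, uint64_t *read_from)
{
    uint64_t buf = req->buf, len = req->len;
    if (!range_is_user(buf, len))
        return STATUS_ACCESS_VIOLATION;
    *read_from = buf;
    return STATUS_OK;
}
```

The subtraction in `range_is_user` avoids computing `addr + len`, which would wrap for large lengths and let a bad range pass a naive comparison.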
