Advisory Details

March 19th, 2018

Microsoft Windows Palette Object Race Condition Information Disclosure Vulnerability

CVE ID	CVE-2018-0815
CVSS SCORE	5.6, AV:L/AC:L/Au:N/C:P/I:N/A:C
AFFECTED VENDORS	Microsoft
AFFECTED PRODUCTS	Windows
VULNERABILITY DETAILS	This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32k.sys driver. During creation of a palette object, a race condition exists due to the failure to lock an object in memory between operations. An attacker can leverage this vulnerability to disclose sensitive information under the context of the kernel.
ADDITIONAL DETAILS	Microsoft has issued an update to correct this vulnerability. More details can be found at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0815
DISCLOSURE TIMELINE	2017-12-01 - Vulnerability reported to vendor 2018-03-19 - Coordinated public release of advisory 2018-03-19 - Advisory Updated
CREDIT	Marcin Wiazowski

BACK TO ADVISORIES