Microsoft Windows 10 Kernel disclosure vulnerability [CVE-2020-0791]

CVE number – CVE-2020-0791

Microsoft Windows 10 Kernel SetMapMode MM_HIENGLISH information disclosure vulnerability

An exploitable information disclosure vulnerability exists in the kernel of Microsoft Windows 10 Insider Preview Fast and Stable.

A specially crafted executable can cause an out-of-bounds read, resulting in information disclosure. To trigger this vulnerability, the attacker needs to execute a specially crafted executable.

With user-space application capabilities increasingly locked down, the Windows kernel's attack surface has become a popular target for local privilege escalation exploits.

A vulnerability exists in the way window sizes are calculated. It can be observed when special pool is enabled in Driver Verifier for the win32k drivers.

While executing the supplied PoC, the Windows kernel crashes inside vStrWrite01 in win32kfull.

Versions

Microsoft Corporation Windows 10 Kernel Insider Preview Fast
Microsoft Corporation Windows 10 Kernel Stable

Discovered by Marcin Towalski of Cisco Talos.

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.
