Multiple vulnerabilities in Microsoft Windows kernel

Published: 2018-12-11
Severity Low
Patch available YES
Number of vulnerabilities 7
CVE ID CVE-2018-8649
CVE-2018-8641
CVE-2018-8639
CVE-2018-8637
CVE-2018-8622
CVE-2018-8621
CVE-2018-8477
CWE ID CWE-119
CWE-125
Exploitation vector Local
Public exploit N/A
Vulnerable software Windows Subscribe
Windows Server
Vendor Microsoft

Security Advisory

1) Buffer overflow

Severity: Low

CVSSv3: 5.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-8649

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error n Windows kernel. A local unprivileged user can cause the Windows kernel to crash.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1809

Windows Server: 2019

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8649

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

Severity: Low

CVSSv3: 7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-8641

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a local user to execute arbitrary code with escalated privileges.

The vulnerability exists due to a boundary error in Windows kernel-mode driver win32k.sys. A local user can use a specially crafted application to execute arbitrary code with SYSTEM privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7, 8.1, 10, 10 1607, 10 1703, 10 1709, 10 1803, 10 1809, RT 8.1

Windows Server: 1709, 1803, 2008, 2008 R2, 2012, 2012 R2, 2016, 2019

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8641

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory corruption

Severity: Low

CVSSv3: 7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-8639

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a local user to gain elevated privileges on the target system.

The vulnerability exists due to a boundary error in Windows kernel-mode driver win32k.sys. A local user can use a specially crafted application to execute arbitrary code with SYSTEM privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7, 8.1, 10, 10 1607, 10 1703, 10 1709, 10 1803, 10 1809, RT 8.1

Windows Server: 1709, 1803, 2008, 2008 R2, 2012, 2012 R2, 2016, 2019

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8639

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

Severity: Low

CVSSv3: 3.3 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8637

CWE-ID: CWE-125 - Out-of-bounds Read

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition Windows kernel. A local user can run a specially crafted application to read contests from kernel memory and use the information to bypass Kernel Address Space Layout Randomization (KASLR) protection.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 1803, 10 1809

Windows Server: 1803, 2019

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8637

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

Severity: Low

CVSSv3: 3.3 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8622

CWE-ID: CWE-125 - Out-of-bounds Read

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in Windows kernel. A local user can read contents of kernel memory.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7, 8.1, RT 8.1

Windows Server: 2008, 2008 R2, 2012, 2012 R2

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8622

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

Severity: Low

CVSSv3: 3.3 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8621

CWE-ID: CWE-125 - Out-of-bounds Read

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in Windows kernel. A local user can read contents of kernel memory.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows Server: 2008 R2, 2012

Windows: 7

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8621

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

Severity: Low

CVSSv3: 3.3 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8477

CWE-ID: CWE-125 - Out-of-bounds Read

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in Windows kernel. A local user can read contents of kernel memory.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7, 8.1, 10, 10 1607, 10 1703, 10 1709, 10 1803, 10 1809, RT 8.1

Windows Server: 1709, 1803, 2008, 2008 R2, 2012, 2012 R2, 2016, 2019

CPE External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8477

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.