#VU80683 Use-after-free in Windows and Windows Server - CVE-2023-36804
Published: September 12, 2023 / Updated: December 18, 2023
Vulnerability identifier: #VU80683
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-36804
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Windows
Windows Server
Windows
Windows Server
Software vendor:
Microsoft
Microsoft
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in UMPDDrvStrokePath, UMPDDrvStrokeAndFillPath, UMPDDrvStrokeAndFillPath, UMPDDrvBitBlt, and UMPDDrvFillPath methods within the win32kfull driver. A local user can trigger a use-after-free error and execute arbitrary code on the system with kernel privileges.
Remediation
Install updates from vendor's website.
External links
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-36804
- https://www.zerodayinitiative.com/advisories/ZDI-23-1410/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1409/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1408/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1407/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1406/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1535/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1534/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1587/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1645/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1644/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1643/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1642/
- https://www.zerodayinitiative.com/advisories/ZDI-23-1792/