what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 346 RSS Feed

Files from mjurczyk

Email addressmjurczyk at google.com
First Active2015-08-19
Last Active2024-04-11
Windows Kernel Subkey List Use-After-Free
Posted Apr 11, 2024
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from a subkey list use-after-free vulnerability due to a mishandling of partial success in CmpAddSubKeyEx.

tags | exploit, kernel
systems | windows
advisories | CVE-2024-26182
SHA-256 | 371f9505662bb6a768bb624f24a62e46fef4ad9feab889c6189fe75092e31989
Microsoft Windows Registry Predefined Keys Privilege Escalation
Posted Jan 11, 2024
Authored by Google Security Research, mjurczyk

Predefined keys in the Microsoft Windows Registry may lead to confused deputy problems and local privilege escalation.

tags | exploit, local, registry
systems | windows
advisories | CVE-2023-35356, CVE-2023-35633
SHA-256 | a4c3435d9c5e52f576c70ff4db3da2de108e219bbd349f1ce79de1a81c042945
Microsoft Windows Kernel Information Disclosure
Posted Jan 3, 2024
Authored by Google Security Research, mjurczyk

Any unprivileged, local user in Microsoft Windows can disclose whether a specific file, directory or registry key exists in the system or not, even if they do not have the open right to it or enumerate right to its parent.

tags | exploit, local, registry
systems | windows
SHA-256 | eba081f5682137a596749db83d8591dfa5e5d9dffadba5ca011381bdd72018c4
Windows Kernel Race Conditions
Posted Dec 14, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel has an issue with bad locking in registry virtualization that can result in race conditions.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-36403
SHA-256 | 8cf51c7afd8e880ffabc644d09f791fed4bac36689d7102f629eb746b2c13124
Windows Kernel Information Disclosure
Posted Dec 8, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel has a time-of-check / time-of-use issue in verifying layered key security which may lead to information disclosure from privileged registry keys.

tags | exploit, kernel, registry, info disclosure
systems | windows
advisories | CVE-2023-36404
SHA-256 | d827eb89d09814af2562b27f8d81aceb5f4a617c3fbb070846fd5b39ebfaa03e
Windows Kernel Containerized Registry Escape
Posted Nov 13, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a containerized registry escape through integer overflows in VrpBuildKeyPath and other weaknesses.

tags | exploit, overflow, kernel, registry
systems | windows
advisories | CVE-2023-36576
SHA-256 | c1feae840787713bb89848cc8ba310ff0f5a1d43e23d59e1de207223ba6d1278
Microsoft Windows Kernel Out-Of-Bounds Reads / Memory Disclosure
Posted Oct 16, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel suffers from out-of-bounds reads and paged pool memory disclosure in VrpUpdateKeyInformation.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-36803
SHA-256 | c87a5d6aa220b6741ae4904759814e063965888e7a3ac2b1614f1cd3581ff6a2
Microsoft Windows Kernel Paged Pool Memory Disclosure
Posted Oct 16, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel suffers from a paged pool memory disclosure in VrpPostEnumerateKey.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-38140
SHA-256 | 349851510cbd7d10a7c2d7d53d9ff2f6105bc83bca4a0b424c2ec5e16ae09df1
Microsoft Windows Kernel Race Condition / Memory Corruption
Posted Oct 16, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel passes user-mode pointers to registry callbacks, leading to race conditions and memory corruption.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-38141
SHA-256 | 57a9fd976b42cf097a3782222d89382836eb91d0a5a6fd4b8b16b49f2a40d715
Microsoft Windows Kernel Refcount Overflow / Use-After-Free
Posted Sep 29, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel does not reset security cache during self-healing, leading to refcount overflow and use-after-free conditions.

tags | exploit, overflow, kernel
systems | windows
advisories | CVE-2023-38139
SHA-256 | 4eb4fd48ea37a8b3e89dd2a59229350611f16a4367ff0dcf43fef634da02c00c
Microsoft Windows Kernel Recovery Memory Corruption
Posted Sep 8, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel has an issue where a partial success of registry hive log recovery may lead to inconsistent state and memory corruption.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-38154
SHA-256 | 8d90d52ff176f1f9884d9ffea04d9338aa0c0d819ae01d9535ea91d209a17c4f
Microsoft Windows Kernel Integer Overflow / Out-Of-Bounds Read
Posted Sep 8, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel suffers from out-of-bounds reads due to an integer overflow in registry .LOG file parsing.

tags | exploit, overflow, kernel, registry
systems | windows
advisories | CVE-2023-35386
SHA-256 | 2cb8dc117b540fd74b32ad5e82a39042ad150a5cea6b1be9d4e6170722bb1281
Microsoft Windows Kernel Use-After-Free
Posted Sep 2, 2023
Authored by Google Security Research, mjurczyk

Microsoft Windows Kernel renaming layered keys does not reference count security descriptors, leading to a use-after-free condition.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-35382
SHA-256 | 07ccb330f6ce87a10f6763766477dee076f0af9a3d5ca41262bb308dae53fe47
Microsoft Windows Kernel Security Descriptor Use-After-Free
Posted Aug 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel CmDeleteLayeredKey may delete predefined tombstone keys, leading to security descriptor use-after-free.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-35356
SHA-256 | a393bdd205b55a25a4010667d7d283c1bd373af4b7bb30a36f33608cf1edeb3f
Microsoft Windows Kernel Unsafe Reference
Posted Aug 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel may reference rolled-back transacted keys through differencing hives.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-35358
SHA-256 | b39149935b26f2a93874ead5ff16c8bafcc4acc7b2b341ba68ed2751bb86aa82
Microsoft Windows Kernel Unsafe Reference
Posted Aug 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel may reference unbacked layered keys through registry virtualization.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-35357
SHA-256 | 7b5280c111b616102ccc14ddef413c7f8bbeeb1ba04df2aa047b88bdfe97d452
Microsoft Windows Kernel Arbitrary Read
Posted Aug 10, 2023
Authored by Google Security Research, mjurczyk

There is a Microsoft Windows Kernel arbitrary read that can be performed by accessing predefined keys through differencing hives.

tags | exploit, arbitrary, kernel
systems | windows
advisories | CVE-2023-35356
SHA-256 | 492807027a3cf7a8d886110c04d56bed4abbb83ec85e31ab445e48ddc7826fce
Windows Kernel KTM Registry Transactions Non-Atomic Outcomes
Posted Jul 5, 2023
Authored by Google Security Research, mjurczyk

Due to some design problems in how transactions are implemented in the registry, it is possible for a low-privileged local attacker to force a non-atomic outcome of a transaction used by another high-privileged process in the system.

tags | exploit, local, registry
advisories | CVE-2023-32019
SHA-256 | b0795c7263336afd69a53bbf47a57747eb1f8d4323fcb570f007bee06c510954
Windows Kernel CmpDoReDoCreateKey / CmpDoReOpenTransKey Out-Of-Bounds Read
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from out-of-bounds read vulnerabilities when operating on invalid registry paths in CmpDoReDoCreateKey / CmpDoReOpenTransKey.

tags | exploit, kernel, registry, vulnerability
systems | windows
advisories | CVE-2023-21776, CVE-2023-28293
SHA-256 | 76ec9aa7a319065af82cafdd465533228021c8f1589b7dfe874c3ed0033910d0
Windows Kernel Uninitialized Memory / Pointer Disclosure
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from a disclosure of kernel pointers and uninitialized memory through registry KTM transaction log files.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-28271
SHA-256 | d28ae7b6f77689b87212fa778ce097dbeda0292d731f4abdb493b75f067884e7
Windows Kernel CmpCleanupLightWeightPrepare Use-After-Free
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

In Windows Registry, security descriptors are shared by multiple keys, and thus reference counted via the _CM_KEY_SECURITY.ReferenceCount field. It is critical for system security that the kernel correctly keeps track of the references, so that the sum of the ReferenceCount fields is equal to the number of keys in the hive at all times (with small exceptions for things like transacted and not yet committed operations etc.). If the ReferenceCount of any descriptor drops below the true number of its active references, it may result in a use-after-free condition and memory corruption. Similarly, if the field becomes inadequately large, it may be possible to overflow it and also trigger a use-after-free. A bug of the latter type is described in this report.

tags | exploit, overflow, kernel, registry
systems | windows
advisories | CVE-2023-28248
SHA-256 | 4666052c91d73ebc181951a754ead95069fc09d5df87c094776106c9e9edc90e
Microsoft Windows Kernel New Registry Key name Insufficient Validation
Posted Apr 13, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel has insufficient validation of new registry key names in transacted NtRenameKey.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-23420
SHA-256 | ba4961014d277f2fb882589dbc8a7ae2231b9cbad4ecebf074ca3f4b40c660cc
Microsoft Windows Kernel Transactional Registry Key Rename Issues
Posted Apr 13, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel suffers from multiple issues in the prepare/commit phase of a transactional registry key rename.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-23421, CVE-2023-23422, CVE-2023-23423
SHA-256 | 7c97ca8d9eaa67f309b42a02ec5443fcab57797d0ac534a80dbe853a97cb2939
Windows Kernel Registry Key Issue
Posted Apr 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from multiple issues with subkeys of transactionally renamed registry keys.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-23420
SHA-256 | a73d43acd9edc53a2cab893ea9e5bb5beca43de488582970092616f1af85341c
Windows Kernel Registry Virtualization Incompatibility
Posted Feb 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel registry virtualization can be incompatible with transactions, leading to inconsistent hive state and memory corruption issues.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21748
SHA-256 | ad3989abfbd2b1064cf77a22452e621958457c972d00e1fb36536a6dcdb01abb
Page 1 of 14
Back12345Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close