exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 328 RSS Feed

Files from mjurczyk

Email addressmjurczyk at google.com
First Active2015-08-19
Last Active2023-05-11
Windows Kernel CmpDoReDoCreateKey / CmpDoReOpenTransKey Out-Of-Bounds Read
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from out-of-bounds read vulnerabilities when operating on invalid registry paths in CmpDoReDoCreateKey / CmpDoReOpenTransKey.

tags | exploit, kernel, registry, vulnerability
systems | windows
advisories | CVE-2023-21776, CVE-2023-28293
SHA-256 | 76ec9aa7a319065af82cafdd465533228021c8f1589b7dfe874c3ed0033910d0
Windows Kernel Uninitialized Memory / Pointer Disclosure
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from a disclosure of kernel pointers and uninitialized memory through registry KTM transaction log files.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-28271
SHA-256 | d28ae7b6f77689b87212fa778ce097dbeda0292d731f4abdb493b75f067884e7
Windows Kernel CmpCleanupLightWeightPrepare Use-After-Free
Posted May 11, 2023
Authored by Google Security Research, mjurczyk

In Windows Registry, security descriptors are shared by multiple keys, and thus reference counted via the _CM_KEY_SECURITY.ReferenceCount field. It is critical for system security that the kernel correctly keeps track of the references, so that the sum of the ReferenceCount fields is equal to the number of keys in the hive at all times (with small exceptions for things like transacted and not yet committed operations etc.). If the ReferenceCount of any descriptor drops below the true number of its active references, it may result in a use-after-free condition and memory corruption. Similarly, if the field becomes inadequately large, it may be possible to overflow it and also trigger a use-after-free. A bug of the latter type is described in this report.

tags | exploit, overflow, kernel, registry
systems | windows
advisories | CVE-2023-28248
SHA-256 | 4666052c91d73ebc181951a754ead95069fc09d5df87c094776106c9e9edc90e
Microsoft Windows Kernel New Registry Key name Insufficient Validation
Posted Apr 13, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel has insufficient validation of new registry key names in transacted NtRenameKey.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-23420
SHA-256 | ba4961014d277f2fb882589dbc8a7ae2231b9cbad4ecebf074ca3f4b40c660cc
Microsoft Windows Kernel Transactional Registry Key Rename Issues
Posted Apr 13, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel suffers from multiple issues in the prepare/commit phase of a transactional registry key rename.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-23421, CVE-2023-23422, CVE-2023-23423
SHA-256 | 7c97ca8d9eaa67f309b42a02ec5443fcab57797d0ac534a80dbe853a97cb2939
Windows Kernel Registry Key Issue
Posted Apr 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from multiple issues with subkeys of transactionally renamed registry keys.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-23420
SHA-256 | a73d43acd9edc53a2cab893ea9e5bb5beca43de488582970092616f1af85341c
Windows Kernel Registry Virtualization Incompatibility
Posted Feb 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel registry virtualization can be incompatible with transactions, leading to inconsistent hive state and memory corruption issues.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21748
SHA-256 | ad3989abfbd2b1064cf77a22452e621958457c972d00e1fb36536a6dcdb01abb
Windows Kernel Virtualizable Hive Key Deletion
Posted Feb 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel allows deletion of keys in virtualizable hives with KEY_READ and KEY_SET_VALUE access rights.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-21750
SHA-256 | 11325236787bd3fc6dfacb61396e8f2e5b81355ef8a0da87112e34d1821a1ad8
Windows Kernsl SID Table Poisoning
Posted Feb 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel registry has a SID table poisoning problem that leads to bad locking and other issues.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21749, CVE-2023-21776
SHA-256 | c61efe9fac6bb66fd179b7a7a24132f82e660151050984d2cf1aae1c81d256ae
Windows Kernel Key Replication Issues
Posted Feb 10, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from multiple security issues in the key replication feature of registry virtualization.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21748, CVE-2023-21772, CVE-2023-21773, CVE-2023-21774
SHA-256 | c3387e7bd189cc7e8d8449ad27e2b524a0fc939d2cc467c5961cc148cdbb9019
Windows Kernel Dangling Registry Link Node Use-After-Free
Posted Feb 9, 2023
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a use-after-free vulnerability due to a dangling registry link node under paged pool memory pressure.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21747
SHA-256 | 54ec3add551cac7b508b2e8157d5a658c016115390f2b327d14cac78af270263
Windows Kernel Registry Virtualization Memory Corruption
Posted Feb 6, 2023
Authored by Google Security Research, mjurczyk

Microsoft Windows suffers from a kernel memory corruption due to an insufficient handling of predefined keys in registry virtualization.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2023-21675
SHA-256 | ded3419927998aaa3da4fea3f80263227d729920c448e2a3cf6f50b41f8c867d
Windows Kernel NtNotifyChangeMultipleKeys Use-After-Free
Posted Jan 12, 2023
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from a use-after-free vulnerability due to bad handling of predefined keys in NtNotifyChangeMultipleKeys.

tags | exploit, kernel
systems | windows
advisories | CVE-2022-44683
SHA-256 | e31318a053707141296573a167ad796cc33514ff394bc3820404fedfd9233256
Windows Kernel Long Registry Key / Value Out-Of-Bounds Read
Posted Nov 10, 2022
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from out-of-bounds reads and other issues when operating on long registry key and value names.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2022-37991
SHA-256 | 8b59c6140909e13954c81f8ebbddfeb70a1e3eaf5675031e13f783c0db187379
Windows Kernel Long Registry Path Memory Corruption
Posted Nov 10, 2022
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from multiple memory corruption vulnerabilities when operating on very long registry paths.

tags | exploit, kernel, registry, vulnerability
systems | windows
advisories | CVE-2022-38038
SHA-256 | 98287a2f682dd844bcaa8bbc51f70cb0d694e997a42fcb83f27b010fb379d61d
Windows Kernel Type Confusion Memory Corruption
Posted Nov 8, 2022
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from a memory corruption vulnerability due to type confusion of subkey index leaves in registry hives.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2022-38037
SHA-256 | 5243d82498c43a219718d01db84be2571a427237b6a4a54d1f50e487c8526fea
Windows Kernel Registry Use-After-Free
Posted Nov 7, 2022
Authored by Google Security Research, mjurczyk

The Windows kernel registry suffers from a use-after-free vulnerability due to bad handling of failed reallocations under memory pressure.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2022-37988
SHA-256 | 8bfa22378d9e50ef4b418d4748365b0da33423d42dc3533797aebf4653bedc6d
Windows Kernel Registry Subkey Lists Integer Overflow
Posted Oct 17, 2022
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from integer overflow vulnerabilities in its registry subkey lists leading to memory corruption.

tags | exploit, overflow, kernel, registry, vulnerability
systems | windows
advisories | CVE-2022-37956
SHA-256 | 4f2712bf388769633e54ee7cdd01205295aa838cb4c905e9fab301e7f201a73e
Windows Kernel Registry Hive Memory Problems
Posted Sep 9, 2022
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from multiple memory problems when handling incorrectly formatted security descriptors in registry hives.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2022-35768
SHA-256 | 293c30cffcbb94043ce3d944e538e450e3725f0cfaac4a97ac6e1fd8f5cb1152
Windows Kernel Unchecked Blink Cell Index Invalid Read/Write
Posted Sep 9, 2022
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from an invalid read/write condition due to an unchecked Blink cell index in the root security descriptor.

tags | exploit, kernel, root
systems | windows
advisories | CVE-2022-34708
SHA-256 | f5ef4884111855adc3fd46bc812f23d93a2b2cd3ea5d058dca7ff112e15a1d10
Windows Kernel Refcount Overflow Use-After-Free
Posted Sep 9, 2022
Authored by Google Security Research, mjurczyk

The Windows kernel suffers from a use-after-free vulnerability due to a refcount overflow in the registry hive security descriptors.

tags | exploit, overflow, kernel, registry
systems | windows
advisories | CVE-2022-34707
SHA-256 | 887d2c7083667658525f99cb11e9070e5fce0488ac2056ebd3b6c51b176ad7c3
Windows Kernel nt!MiRelocateImage Invalid Read
Posted Jul 15, 2022
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from an invalid read in nt!MiRelocateImage while parsing a malformed PE file.

tags | exploit, kernel
systems | windows
advisories | CVE-2022-30155
SHA-256 | 14cc97653808a5e83777838181351383480596c1a9ab0edd737615c558008d89
Apple ColorSync Out-Of-Bounds Read
Posted Jan 13, 2022
Authored by Google Security Research, mjurczyk

Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.

tags | exploit, overflow, vulnerability
systems | apple
advisories | CVE-2021-30942
SHA-256 | 55736f35713879a403e9db74f555530baf0f44d465185f687162ed25742170f4
Apple ColorSync CMMNDimLinear::Interpolate Uninitialized Memory
Posted Nov 24, 2021
Authored by Google Security Research, mjurczyk

Apple ColorSync suffers from a use of uninitialized memory in CMMNDimLinear::Interpolate.

tags | exploit
systems | apple
advisories | CVE-2021-30917
SHA-256 | c6e92780fc2927adc2e9e480e3f3df311d03eb907303e5535429ca81152d95f9
Adobe Reader CoolType Arbitrary Stack Manipulation
Posted Mar 18, 2021
Authored by Google Security Research, mjurczyk

Adobe Reader suffers from a CoolType arbitrary stack manipulation vulnerability.

tags | exploit, arbitrary
advisories | CVE-2021-21086
SHA-256 | e6703e4405ade1d03a75e4857bf44ec5bae3db2765b274db11f9a3907aaa8cda
Page 1 of 14
Back12345Next

File Archive:

May 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    16 Files
  • 3
    May 3rd
    38 Files
  • 4
    May 4th
    15 Files
  • 5
    May 5th
    35 Files
  • 6
    May 6th
    0 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    8 Files
  • 9
    May 9th
    65 Files
  • 10
    May 10th
    19 Files
  • 11
    May 11th
    27 Files
  • 12
    May 12th
    8 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    1 Files
  • 15
    May 15th
    19 Files
  • 16
    May 16th
    66 Files
  • 17
    May 17th
    28 Files
  • 18
    May 18th
    32 Files
  • 19
    May 19th
    13 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    23 Files
  • 23
    May 23rd
    15 Files
  • 24
    May 24th
    49 Files
  • 25
    May 25th
    20 Files
  • 26
    May 26th
    13 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close