CVE-2018-0968 | THREATINT

Assigner	microsoft
Reserved	2017-12-01
Published	2018-04-12
Updated	2024-08-05

Description

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975.

Product status

(Server Core installation)

affected

Windows RT 8.1

affected

(Server Core installation)

affected

32-bit systems

affected

x64-based systems

affected

32-bit Systems

affected

Version 1511 for 32-bit Systems

affected

Version 1511 for x64-based Systems

affected

Version 1607 for 32-bit Systems

affected

Version 1607 for x64-based Systems

affected

Version 1703 for 32-bit Systems

affected

Version 1703 for x64-based Systems

affected

Version 1709 for 32-bit Systems

affected

Version 1709 for x64-based Systems

affected

x64-based Systems

affected

version 1709 (Server Core Installation)

affected

References

http://www.securityfocus.com/bid/103643 (103643) vdb-entry

http://www.securitytracker.com/id/1040657 (1040657) vdb-entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0968

https://www.exploit-db.com/exploits/44465/ (44465) exploit

cve.org CVE-2018-0968

nvd.nist.gov CVE-2018-0968

Download JSON