SB2021101211 - Privilege escalation in Microsoft Windows kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021101211

SB2021101211 - Privilege escalation in Microsoft Windows kernel

Published: October 12, 2021 Updated: October 18, 2021

Security Bulletin ID SB2021101211
Severity
High
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

High 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 security vulnerability.


1) Use-after-free (CVE-ID: CVE-2021-40449)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Win32k NtGdiResetDC function in Microsoft Windows kernel. A local user can run a specially crafted program to trigger a use-after-free error, when the function ResetDC is executed a second time for the same handle during execution of its own callback, and execute arbitrary code with elevated privileges.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install update from vendor's website.

References