7 CVE-2024-38106
CISA Kev Catalog Patch
Windows Kernel Elevation of Privilege Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-38106
Categories
CWE-NVD-noinfo
CWE-591 : Sensitive Data Storage in Improperly Locked Memory
On Windows systems the VirtualLock function can lock a page of memory to ensure that it will remain present in memory and not be swapped to disk. However, on older versions of Windows, such as 95, 98, or Me, the VirtualLock() function is only a stub and provides no protection. On POSIX systems the mlock() call ensures that a page will stay resident in memory but does not guarantee that the page will not appear in the swap. Therefore, it is unsuitable for use as a protection mechanism for sensitive data. Some platforms, in particular Linux, do make the guarantee that the page will not be swapped, but this is non-standard and is not portable. Calls to mlock() also require supervisor privilege. Return values for both of these calls must be checked to ensure that the lock operation was actually successful.
References
secure@microsoft.com Patch
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38106 Patch Vendor Advisory |
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:* | < 10.0.10240.20751 | |
| cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* | < 10.0.14393.7259 | |
| cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* | < 10.0.17763.6189 | |
| cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* | < 10.0.19044.4780 | |
| cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* | < 10.0.19045.4780 | |
| cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* | < 10.0.22000.3147 | |
| cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* | < 10.0.22621.4037 | |
| cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* | < 10.0.22631.4037 | |
| cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:* | < 10.0.26100.1457 | |
| cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* | < 10.0.14393.7259 | |
| cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* | < 10.0.17763.6189 | |
| cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* | < 10.0.20348.2655 | |
| cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* | < 10.0.25398.1085 | |
REMEDIATION
Patch
| Url |
|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38106 |
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
| No known exploits |
Other Nist (github, ...)
| Url |
|---|
| No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
