Видео [BlackHat Europe 2022] Exploring a New Class of Kernel Exploit Primitive

[weaver]

Microsoft Security Response Center receives and examines many interesting bug classes. Often, the exploitability of those bugs is apparent, but this is not always the case. One interesting outlier is an arbitrary kernel pointer read primitive where the attacker cannot retrieve the content of the memory read. Traditionally, these would have an impact of Denial of Service (DoS) or in some cases a second-order Kernel Memory Information Disclosure (where side channels or indirect probing are possible) but could such a limited primitive actually be exploited for code execution / privilege escalation?

Слайды -> http://i.blackhat.com/EU-22/Thursda...g-a-New-Class-of-Kernel-Exploit-Primitive.pdf
Видео доклада отсутствует

 

[weaver]

Видео доклада подъехало