tags: hypervisor, OOB_read, bindiff
original link: Hyper-V 1-day Class: CVE-2024-38127
newsletter link: exploits.club Weekly Newsletter 39 - bug.directory, Fuzzing Successes, SLUB Internals, and More
Exploits Club Summary:
A quick and fun RCA for a recent Hyper-V OOB read patched by Microsoft. The post starts with a brief overview of the vulnerability itself, which occurs in vhdmp.sys and results from an incorrect calculation of an output buffer size, leading to an out-of-bounds read. The post then walks through a quick PoC for the bug before discussing the patch put in place. As mentioned by the author, this was labeled as severe and potentially usable for an EoP, which might not quite be the case.