Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2021-31977

Опубликовано: 08 июн. 2021
Источник: msrc
CVSS3: 8.6
EPSS Низкий

Описание

Windows Hyper-V Denial of Service Vulnerability

FAQ

How might an attacker attempt to exploit this vulnerability?

By sending a specially crafted message to the Hyper-V host virtualization stack, a guest VM could cause a reference count in the host virtualization stack to be leaked. In most circumstances, this would result in a memory leak on the Hyper-V host. If the leaked reference count value were to overflow, reference count hardening built-in to the Hyper-V virtualization stack would cause the host to bugcheck (crash) in a controlled manner, mitigating this issue against exploitation for code execution or privilege elevation.

Обновления

ПродуктСтатьяОбновление
Windows 10 for x64-based Systems
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016 (Server Core installation)
Windows 10 Version 1809 for x64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server, version 2004 (Server Core installation)

Показывать по

Возможность эксплуатации

Publicly Disclosed

No

Exploited

No

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 89%
0.05071
Низкий

8.6 High

CVSS3

Связанные уязвимости

CVSS3: 8.6
nvd
около 4 лет назад

Windows Hyper-V Denial of Service Vulnerability

CVSS3: 8.6
github
около 3 лет назад

Windows Hyper-V Denial of Service Vulnerability

CVSS3: 7.5
fstec
около 4 лет назад

Уязвимость компонента Hyper-V операционной системы Windows, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 89%
0.05071
Низкий

8.6 High

CVSS3