CVE-2018-8401

Опубликовано: 15 авг. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8405, CVE-2018-8406.

Ссылки

http://www.securityfocus.com/bid/105006
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041461
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8401
Patch
Vendor Advisory
http://www.securityfocus.com/bid/105006
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041461
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8401
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00854

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-404

Связанные уязвимости

CVE-2018-8401

CVSS3: 7

msrc

почти 7 лет назад

DirectX Graphics Kernel Elevation of Privilege Vulnerability

GHSA-4x9p-q533-qww3