Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability
BID:104071
CVE-2018-8897 |Info
Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability
| Bugtraq ID: | 104071 |
| Class: | Design Error |
| CVE: |
CVE-2018-8897 |
| Remote: | No |
| Local: | Yes |
| Published: | May 08 2018 12:00AM |
| Updated: | May 17 2018 06:00AM |
| Credit: | Nick Peterson, Everdox Tech LLC |
| Vulnerable: |
VMWare vSphere Integrated Containers 1.3.1 VMWare vSphere Integrated Containers 1.3 VMWare vSphere Integrated Containers 1.2 VMWare vSphere Integrated Containers 1.1 VMWare vSphere Integrated Containers 1.0 VMWare vSphere Data Protection 0 VMWare vRealize Automation 7.4 VMWare vRealize Automation 7.3.1 VMWare vRealize Automation 7.2 VMWare vRealize Automation 6.2.5 VMWare vRealize Automation 6.2.4 VMWare vRealize Automation 7.3.0 VMWare vRealize Automation 7.1 VMWare vRealize Automation 7.0 VMWare vRealize Automation 6.2.4.1 VMWare vRealize Automation 6.2 VMWare vRealize Automation 6.1 VMWare vRealize Automation 6.0 VMWare vCenter Server 6.7 VMWare vCenter Server 6.5 VMWare vCenter Server 6.0 VMWare Identity Manager 0 Ubuntu Ubuntu Linux 17.10 Ubuntu Ubuntu Linux 16.04 LTS Ubuntu Ubuntu Linux 14.04 LTS Ubuntu Ubuntu Linux 12.04 ESM Synology Virtual DSM 0 Synology SkyNAS 0 Synology Dsm 6.1 Synology Dsm 6.0 Redhat MRG Realtime for RHEL 6 Server 2 Redhat Enterprise Linux Server TUS 7.2 Redhat Enterprise Linux Server TUS 6.6 Redhat Enterprise Linux Server - Extended Update Support 7.4 Redhat Enterprise Linux Server - Extended Update Support 6.7 Redhat Enterprise Linux Long Life 5.9.server Redhat Enterprise Linux Extended Update Support 7.3 Redhat Enterprise Linux 7 Redhat Enterprise Linux 6 Microsoft Windows Server 2016 0 Microsoft Windows Server 2012 R2 0 Microsoft Windows Server 2012 0 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 1803 0 Microsoft Windows Server 1709 0 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems 0 Microsoft Windows 8.1 for 32-bit Systems 0 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1803 for x64-based Systems 0 Microsoft Windows 10 Version 1803 for 32-bit Systems 0 Microsoft Windows 10 version 1709 for x64-based Systems 0 Microsoft Windows 10 version 1709 for 32-bit Systems 0 Microsoft Windows 10 version 1703 for x64-based Systems 0 Microsoft Windows 10 version 1703 for 32-bit Systems 0 Microsoft Windows 10 Version 1607 for x64-based Systems 0 Microsoft Windows 10 Version 1607 for 32-bit Systems 0 Microsoft Windows 10 for x64-based Systems 0 Microsoft Windows 10 for 32-bit Systems 0 Linux kernel 4.16.3 Linux kernel 4.15.11 Linux kernel 4.15.9 Linux kernel 4.15.4 Linux kernel 4.14.13 Linux kernel 4.14.11 Linux kernel 4.14.10 Linux kernel 4.14.6 Linux kernel 4.14.5 Linux kernel 4.14.1 Linux kernel 4.13.11 Linux kernel 4.13.10 Linux kernel 4.13.9 Linux kernel 4.13.8 Linux kernel 4.13.7 Linux kernel 4.13.6 Linux kernel 4.13.4 Linux kernel 4.13.3 Linux kernel 4.12.9 Linux kernel 4.12.4 Linux kernel 4.12.3 Linux kernel 4.12.2 Linux kernel 4.11.9 Linux kernel 4.11.5 Linux kernel 4.11.4 Linux kernel 4.11.3 Linux kernel 4.11.2 Linux kernel 4.11.1 Linux kernel 4.11 Linux kernel 4.10.15 Linux kernel 4.10.13 Linux kernel 4.10.12 Linux kernel 4.10.10 Linux kernel 4.10.6 Linux kernel 4.10.4 Linux kernel 4.10 Linux kernel 4.9.74 Linux kernel 4.9.71 Linux kernel 4.9.68 Linux kernel 4.9.36 Linux kernel 4.9.13 Linux kernel 4.9.8 Linux kernel 4.9.4 Linux kernel 4.9.3 Linux kernel 4.4.105 Linux kernel 4.4.30 Linux kernel 4.4.29 Linux kernel 4.4.28 Linux kernel 4.4.27 Linux kernel 4.4.25 Linux kernel 4.4.24 Linux kernel 4.4.23 Linux kernel 4.4.22 Linux kernel 4.4.7 Linux kernel 4.4.2 Linux kernel 4.1.47 Linux kernel 4.1.4 Linux kernel 4.1.1 Linux kernel 3.16.7 Linux kernel 3.16.2 Linux kernel 3.16.1 Linux kernel 3.2.82 Linux kernel 3.2.72 Linux kernel 3.2.62 Linux kernel 3.2.57 Linux kernel 3.2.56 Linux kernel 3.2.51 Linux kernel 3.2.24 Linux kernel 3.2.23 Linux kernel 3.2.13 Linux kernel 3.2.12 Linux kernel 3.2.9 Linux kernel 3.2.1 Linux kernel 4.9.9 Linux kernel 4.9.11 Linux kernel 4.4.38 Linux kernel 4.4.26 Linux kernel 4.4.14 Linux kernel 4.4.1 Linux kernel 4.15.8 Linux kernel 4.15.7 Linux kernel 4.15 Linux kernel 4.14.8 Linux kernel 4.14.7 Linux kernel 4.14.4 Linux kernel 4.14.3 Linux kernel 4.14.2 Linux kernel 4.14.15 Linux kernel 4.14.14 Linux kernel 4.14 Linux kernel 4.13.5 Linux kernel 4.13.2 Linux kernel 4.13.1 Linux kernel 4.13 Linux kernel 4.12.10 Linux kernel 4.12.1 Linux kernel 4.12-rc1 Linux kernel 4.12 Linux kernel 4.11.8 Linux kernel 4.11.7 Linux kernel 4.11 Linux kernel 4.10.9 Linux kernel 4.10.8 Linux kernel 4.10.7 Linux kernel 4.10.5 Linux kernel 4.10.3 Linux kernel 4.10.2 Linux kernel 4.10.11 Linux kernel 4.10.1 Linux kernel 4.10-rc8 Linux kernel 4.10-rc1 Linux kernel 4.1.15 Linux kernel 4.1 Linux kernel 3.2.81 Linux kernel 3.2.78 Linux kernel 3.2.65 Linux kernel 3.2.64 Linux kernel 3.2.63-2 Linux kernel 3.2.63 Linux kernel 3.2.60 Linux kernel 3.2.55 Linux kernel 3.2.54 Linux kernel 3.2.53 Linux kernel 3.2.52 Linux kernel 3.2.50 Linux kernel 3.2.44 Linux kernel 3.2.42 Linux kernel 3.2.38 Linux kernel 3.2.2 Linux kernel 3.16.6 Linux kernel 3.16.36 Linux kernel 3.16.0-28 Linux kernel 3.16 FreeBSD Freebsd 11.2 FreeBSD Freebsd 11.1-RELEASE-p9 FreeBSD Freebsd 11.1-RELEASE-p7 FreeBSD Freebsd 11.1-RELEASE-p4 FreeBSD Freebsd 11.1 FreeBSD Freebsd 10.4-RELEASE-p8 FreeBSD Freebsd 10.4-RELEASE-p6 FreeBSD Freebsd 10.4-RELEASE-p3 FreeBSD Freebsd 10.4 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Apple macOS 10.13.4 |
| Not Vulnerable: |
Linux kernel 4.15.14 Linux kernel 4.14.31 Linux kernel 4.9.91 Linux kernel 4.4.125 FreeBSD Freebsd 11.2-PRERELEASE FreeBSD Freebsd 11.1-RELEASE-p10 FreeBSD Freebsd 10.4-STABLE FreeBSD Freebsd 10.4-RELEASE-p9 Apple macOS Security Update 2018 |
Discussion
Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability
Microsoft Windows is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with elevated privileges.
Microsoft Windows is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with elevated privileges.
Exploit / POC
Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability
References:
References:
- CVE-2018-8897 (Red Hat Bugzilla)
- Microsoft Homepage (Microsoft)
- Security Update 2018-001 (Apple)
- APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security (Apple)
- Bug 1567074 - (CVE-2018-8897) CVE-2018-8897 Kernel: error in exception handling (Red Hat Bugzilla)
- CVE-2018-8897 | Windows Kernel Elevation of Privilege Vulnerability (Microsoft)
- Mishandling of x86 debug exceptions (FreeBSD)
- POP SS debug exception - CVE-2018-8897 [Moderate] & CVE-2018-1087 (Red Hat)
- Synology-SA-18:21 Linux kernel (Synology)
- USN-3641-1: Linux kernel vulnerabilities (ubuntu)
- USN-3641-2: Linux kernel vulnerabilities (ubuntu)
- VMware response to CVE-2018-8897 (54988) (VMware)
- Vulnerability Note VU#631579 Hardware debug exception documentation may result i (CERT)