Loading…
This event has ended. Create your own event on Sched.
Sunday, April 10 • 10:30am - 10:50am
Leaking Windows Kernel Pointers

Sign up or log in to save this to your schedule and see who's attending!

As part of reversing win32k.sys to understand the User-Mode Callback mechanism, I found several kernel information leaks. As it turns out, there were several situations where the kernel was readily returning kernel pointers to user land. This talk will be a brief introduction into how user-mode callbacks operate, a description of the information leaks vulnerability and how prevalent they are, and then a detailed description of how to take advantage of CVE-2015-0094.

Speakers
avatar for WanderingGlitch

WanderingGlitch

Zero Day Initiative
WanderingGlitch is a vulnerability analyst and exploit developer for the Zero Day Initiative (ZDI) program. His primary role involves performing root cause analysis on ZDI submissions to determine exploitability, followed by developing exploits for accepted cases. Prior to being... Read More →


Sunday April 10, 2016 10:30am - 10:50am
Ballroom A

Attendees (4)