Description
Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability".
Affected products
- Microsoft Corporation / Windows Subsystem for LinuxWindows 10 version 1703, Windows 10 version1709, and Windows Server, version 1709 – Windows 10 version 1703, Windows 10 version1709, and Windows Server, version 1709
References
- MISChttp://www.securitytracker.com/id/1040094
- MISChttps://github.com/saaramar/execve_exploit
- MISChttps://twitter.com/AmarSaar/status/948892321755598848
- EXPLOIThttps://www.exploit-db.com/exploits/43962/
- VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0743
- MISChttp://www.securityfocus.com/bid/102350