Upgrade your account to access Premium section
Access to DarkForums Private Archive Telegram Channel
Join the new Telegram channel to stay updated on the latest news

DOCUMENTS Windows Local Privilege Escalation CVE-2024-30088
by n3od4y - 07-08-24, 10:56 AM
DarkForums Members Offline
Members

Posts 6
Threads 0
Joined Jul 2025
Reputation 0
5 Months
#21
29-07-25, 05:49 PM
thxxx
Reply
DarkForums Members Offline
Members

Posts 48
Threads 0
Joined Jul 2025
Reputation 1
5 Months
#22
30-07-25, 06:15 AM
Ty sm
Reply
DarkForums Members Offline
Members

Posts 33
Threads 0
Joined Oct 2025
Reputation 0
2 Months
#23
24-10-25, 09:33 AM
ขอบคุณครับ
Reply
DarkForums Members Offline
Members

Posts 10
Threads 0
Joined Dec 2025
Reputation 0
5 days
#24
22-12-25, 12:42 AM
(07-08-24, 10:56 AM)n3od4y Wrote: When performing copy the SecurityAttributesList, the kernel setup the list of SecurityAttribute's structure *directly* to the user supplied pointer. After that, it calls to RtlCopyUnicodeString and AuthzBasepCopyoutInternalSecurityAttributeValues functions to copy out name and value of the SecurityAttribute structure, leading to multiple TOCTOU in this function

tty
Reply
DarkForums Members Offline
Members

Posts 2
Threads 0
Joined Oct 2025
Reputation 0
2 Months
#25
24-12-25, 01:12 PM
(07-08-24, 10:56 AM)n3od4y Wrote: When performing copy the SecurityAttributesList, the kernel setup the list of SecurityAttribute's structure *directly* to the user supplied pointer. After that, it calls to RtlCopyUnicodeString and AuthzBasepCopyoutInternalSecurityAttributeValues functions to copy out name and value of the SecurityAttribute structure, leading to multiple TOCTOU in this function
Reply


Forum Jump:


 Users browsing this thread: 5 Guest(s)