Vulnerability Description
Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability".
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 | 1703 |
| Microsoft | Windows Server 2016 | 1709 |
References
- http://www.securityfocus.com/bid/102350Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040094Third Party AdvisoryVDB Entry
- https://github.com/saaramar/execve_exploitExploitPatchThird Party Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0743PatchVendor Advisory
- https://twitter.com/AmarSaar/status/948892321755598848Third Party Advisory
- https://www.exploit-db.com/exploits/43962/ExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/102350Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040094Third Party AdvisoryVDB Entry
- https://github.com/saaramar/execve_exploitExploitPatchThird Party Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0743PatchVendor Advisory
- https://twitter.com/AmarSaar/status/948892321755598848Third Party Advisory
- https://www.exploit-db.com/exploits/43962/ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2018-0743?
CVE-2018-0743 is a vulnerability with a CVSS score of 7.0 (HIGH). Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in m...
How severe is CVE-2018-0743?
CVE-2018-0743 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-0743?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10, Microsoft Windows Server 2016.