CVE-2021-34500
published 2021-07-14CVE-2021-34500: Windows Kernel Memory Information Disclosure Vulnerability
high7.7CVSS 3.1
AVNACLPRLUINSCCHINAN
Windows Kernel Memory Information Disclosure Vulnerability
Affected
46 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1507 | >= 10.0.0 < 10.0.10240.19204 | 10.0.10240.19204 |
| microsoft | windows_10_version_1607 | >= 10.0.0 < 10.0.14393.4946 | 10.0.14393.4946 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.2061 | 10.0.17763.2061 |
| microsoft | windows_10_version_1909 | >= 10.0.0 < 10.0.18363.1679 | 10.0.18363.1679 |
| microsoft | windows_10_version_2004 | >= 10.0.0 < 10.0.19041.1110 | 10.0.19041.1110 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.1110 | 10.0.19042.1110 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1110 | 10.0.19043.1110 |
| microsoft | windows_7 | >= 6.1.0 < 6.1.7601.25860 | 6.1.7601.25860 |
| microsoft | windows_7_service_pack_1 | >= 6.1.0 < 6.1.7601.25860 | 6.1.7601.25860 |
| microsoft | windows_8.1 | >= 6.3.0 < 6.3.9600.20269 | 6.3.9600.20269 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.0.0 < 6.1.7601.25860 | 6.1.7601.25860 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.0 < 6.1.7601.25860 | 6.1.7601.25860 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.0 < 6.0.6003.21374 | 6.0.6003.21374 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.0 < 6.0.6003.21372 | 6.0.6003.21372 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.0 < 6.2.9200.23605 | 6.2.9200.23605 |
| microsoft | windows_server_2012_r2 | >= 6.3.0 < 6.3.9600.20269 | 6.3.9600.20269 |
| microsoft | windows_server_2016 | — | — |
Microsoft
Windows Kernel Memory Information Disclosure Vulnerability
vendor_msrc·2021-07-13·CVSS 6.3
CVE-2021-34500 [MEDIUM] Windows Kernel Memory Information Disclosure Vulnerability
Windows Kernel Memory Information Disclosure Vulnerability
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Guest VM to Hyper-V host server - virtualization security boundary.
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory from the file cache. This could include unintentional read access to memory contents in kernel space from a user mode process, and on a Hyper-V server this could result in Guest VM to Hyper-V host server memory content disclosure.
FAQ: According to the CVSS metric, the attack complexity is high (AC:H).
GHSA
GHSA-37hv-4cjv-mxqq: Windows Kernel Memory Information Disclosure Vulnerability
ghsa_unreviewed·2022-05-24
CVE-2021-34500 [HIGH] GHSA-37hv-4cjv-mxqq: Windows Kernel Memory Information Disclosure Vulnerability
Windows Kernel Memory Information Disclosure Vulnerability
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-07-14
Published