CVE 2021 31956 Exploiting the Windows Kernel (NTFS with WNF) part1

Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at raw_sources/windows-exploit-research/CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF)-part1.md.

Status: integrated Integrated into: CVE-2021-31956

Excerpt

Recently I decided to take a look at CVE-2021-31956, a local privilege escalation within Windows due to a kernel memory corruption bug which was patched within the June 2021 Patch Tuesday. Microsoft describe the vulnerability within their advisory document, which notes many versions of Windows being affected and in-the-wild ex…