CVE 2024 38063 Remotely Exploiting The Kernel Via IPv6

Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at raw_sources/windows-exploit-research/CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6.md.

Status: integrated Integrated into: CVE-2024-38063

Excerpt

Since the latest Windows patch dropped on the 13th of August I’ve been deep in the weeds of tcpip.sys (the kernel driver responsible for handling TCP/IP packets). A vulnerability with a 9.8 CVSS score in the most easily reachable part of the Windows kernel was something I simply couldn’t pass up on. I’ve never really looked at IPv6 before (or the drivers responsible for parsing it), so I knew tryi…