| Publisher DOI: | 10.22032/dbt.67106 |
| Title: | Critical analysis of CVE-2024-38063 : the Microsoft IPv6-vulnerability |
| Language: | English |
| Authors: | Kerutt, Bennet; Lorenz, Bastian; Schwarz, Monina; Kaven, Sascha; Skwarek, Volker |
| Editor: | Koldehofe, Boris; Klingler, Florian; Sommer, Christoph; Hummel, Karin Anna; Amthor, Peter |
| Issue Date: | 29-Aug-2025 |
| Publisher: | Technische Universität Ilmenau ; Universitätsbibliothek Ilmenau, ilmedia |
| Part of Series: | Proceedings of the International Conference on Networked Systems 2025 (NetSys 2025) : Technische Universität Ilmenau, 1-4 September 2025 |
| Startpage: | 5 |
| Endpage: | 8 |
| Conference: | International Conference on Networked Systems 2025 |
| Abstract: | CVE-2024-38063 was claimed to be a critical remote code execution vulnerability in the Microsoft Windows IPv6 stack due to an integer underflow and heap-based buffer overflow. This paper analyzes the vulnerability's root cause, demonstrates a proof-of-concept exploit, and evaluates its reproducibility under various patch levels. The analysis highlights the implications of a conditional patch rollback mechanism and discusses mitigation strategies. Additionally, it recalculates the CVSS score based on these findings. |
| URI: | https://hdl.handle.net/20.500.12738/18242 |
| Review status: | This version was peer reviewed (peer review) |
| Institute: | Forschungs- und Transferzentrum CyberSec; Department Wirtschaftsingenieurwesen; Fakultät Life Sciences |
| Type: | Chapter/Article (Proceedings) |
| Additional note: | article number: 110 |
| Appears in Collections: | Publications without full text |
Items in REPOSIT are protected by copyright, with all rights reserved, unless otherwise indicated.