Home

Description

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

PUBLISHED Reserved 2024-06-11 | Published 2024-07-09 | Updated 2025-10-14 | Assigner microsoft




HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-125: Out-of-bounds Read

Product status

10.0.17763.0 (custom) before 10.0.17763.6054
affected

10.0.17763.0 (custom) before 10.0.17763.6054
affected

10.0.17763.0 (custom) before 10.0.17763.6054
affected

10.0.20348.0 (custom) before 10.0.20348.2582
affected

10.0.0 (custom) before 10.0.22000.3079
affected

10.0.19043.0 (custom) before 10.0.19044.4651
affected

10.0.22621.0 (custom) before 10.0.22621.3880
affected

10.0.19045.0 (custom) before 10.0.19045.4651
affected

10.0.22631.0 (custom) before 10.0.22631.3880
affected

10.0.22631.0 (custom) before 10.0.22631.3880
affected

10.0.25398.0 (custom) before 10.0.25398.1009
affected

10.0.10240.0 (custom) before 10.0.10240.20710
affected

10.0.14393.0 (custom) before 10.0.14393.7159
affected

10.0.14393.0 (custom) before 10.0.14393.7159
affected

10.0.14393.0 (custom) before 10.0.14393.7159
affected

6.0.6003.0 (custom) before 6.0.6003.22769
affected

6.0.6003.0 (custom) before 6.0.6003.22769
affected

6.0.6003.0 (custom) before 6.0.6003.22769
affected

6.1.7601.0 (custom) before 6.1.7601.27219
affected

6.1.7601.0 (custom) before 6.1.7601.27219
affected

6.2.9200.0 (custom) before 6.2.9200.24975
affected

6.2.9200.0 (custom) before 6.2.9200.24975
affected

6.3.9600.0 (custom) before 6.3.9600.22074
affected

6.3.9600.0 (custom) before 6.3.9600.22074
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38057 (Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability) vendor-advisory

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38057 (Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability) vendor-advisory

cve.org (CVE-2024-38057)

nvd.nist.gov (CVE-2024-38057)

Download JSON