Windows 11 21H2
CVE-2024-38080
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Windows Hyper-V Elevation of Privilege Vulnerability
AnalysisAI
Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.
Technical ContextAI
This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. Affected products include: Microsoft Windows 11 21H2, Microsoft Windows 11 22H2, Microsoft Windows 11 23H2, Microsoft Windows Server 2022, Microsoft Windows Server 2022 23H2.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.
More in Windows 11 21H2
View allThis flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. Rated critical severity (CVSS 9.8), thi
Windows Themes Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely explo
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged fi
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulner
Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity
Windows Error Reporting Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnera
Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity
Windows User Profile Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerabi
SmartScreen Prompt Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today