Technische Universität Ilmenau ; Universitätsbibliothek Ilmenau, ilmedia
Erscheinungsjahr:
2025
Medientyp:
Text
Schlagworte:
004: Informatik
ddc:004
Beschreibung:
CVE-2024-38063 was claimed to be a critical remote code execution vulnerability in the Microsoft Windows IPv6 stack due to an integer underflow and heap-based buffer overflow. This paper analyzes the vulnerability's root cause, demonstrates a proof-of-concept exploit, and evaluates its reproducibility under various patch levels. The analysis highlights the implications of a conditional patch rollback mechanism and discusses mitigation strategies. Additionally, it recalculates the CVSS score basing on these findings.