CVE-2015-6109

Name of the Vulnerable Software and Affected Versions Windows 8.1 Windows Server 2012 R2 Windows RT 8.1 Windows 10 Gold Windows 10 version 1511

Description The issue allows local users to bypass the KASLR protection mechanism and discover a driver base address via a crafted application. This is due to the kernel in Windows failing to properly initialize memory addresses, allowing an attacker to retrieve information. An attacker who successfully exploits this issue could retrieve the base address of the Kernel driver from a compromised process. To exploit the issue, an attacker would have to log on to an affected system and run a specially crafted application.

Recommendations For Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, and Windows 10 version 1511, update to a newer version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.