CVE-2018-8406
Severity CVSS v4.0:
Pending analysis
Type:
CWE-404
Improper Resource Shutdown or Release
Publication date:
15/08/2018
Last modified:
04/04/2025
Description
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8400, CVE-2018-8401, CVE-2018-8405.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:* | ||
| cpe:2.3:o:microsoft:windows_server_1709:-:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:x64:* | ||
| cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/105012
- http://www.securitytracker.com/id/1041461
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8406
- http://www.securityfocus.com/bid/105012
- http://www.securitytracker.com/id/1041461
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8406