A deep-dive root cause analysis of CVE-2024-38063, a CVSS 9.8 Windows kernel vulnerability in the IPv6 packet parser (tcpip.sys). The author walks through patch diffing to identify a single-line change replacing IppSendErrorList with IppSendError, then reverse engineers the vulnerability chain: sending malformed IPv6
Table of contents
The easiest patch analysis everVulnerabilities optional, exploitation mandatoryHe’s making a list, he’s checking it….52,567 timesYo dawg, I heard you liked DoSMore reversing…again…forever…Back to fragmentationBeaten, but not defeatedThat’s all, for nowSort: