CVE-2018-8897

Demo exploitation of the POP SS vulnerability (CVE-2018-8897), leading to unsigned code execution with kernel privilages.

KVA Shadowing should be disabled and the relevant security update should be uninstalled.
This may not work with certain hypervisors (like VMWare), which discard the pending #DB after INT3.

Detailed explanation:

Name		Name	Last commit message	Last commit date
Latest commit History 23 Commits
.gitattributes		.gitattributes
Error.h		Error.h
KernelRoutines.h		KernelRoutines.h
LICENSE		LICENSE
LockedMemory.h		LockedMemory.h
Main.cpp		Main.cpp
Native.asm		Native.asm
Native.h		Native.h
NtDefines.h		NtDefines.h
README.md		README.md