CVE-2025-53804
ntoskrnl.exe — information disclosure via kernel-mode driver
Summary
| Field | Value |
|---|---|
| Driver | ntoskrnl.exe |
| Vulnerability Class | Information Disclosure |
| CVSS | 5.5 |
| Exploited ITW | No |
| Patch Date | September 9, 2025 |
Root Cause
The NT kernel leaks memory contents to user-mode processes through a driver information query path. Uninitialized or unsanitized kernel data is returned to user mode.
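The bug class described above, shown as an added user-space simulation that is not ntoskrnl.exe code and does not reproduce the actual vulnerable path. The `INFO_RECORD` structure, the simulated pool slot, the `0xAA` stale marker and all function names are hypothetical. It places the pattern that returns unsanitized memory beside the zero-before-fill fix.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define STALE 0xAA  /* constructed marker standing in for leftover kernel data */

typedef struct {
    uint8_t  kind;      /* compiler inserts padding after this field */
    uint64_t size;
    char     name[16];  /* usually only partly filled */
} INFO_RECORD;          /* hypothetical record, not a real NT structure */

static INFO_RECORD pool_slot;  /* simulated reused pool allocation */

/* Simulated allocator: returns memory still holding a previous owner's bytes. */
static INFO_RECORD *alloc_record(void) {
    memset(&pool_slot, STALE, sizeof pool_slot);
    return &pool_slot;
}

static void fill_fields(INFO_RECORD *r) {
    r->kind = 1;
    r->size = 0x1000;
    memcpy(r->name, "demo", 5);  /* the remaining 11 bytes of name[] are untouched */
}

/* Vulnerable pattern: the whole structure is copied out, padding and tail included. */
size_t query_vulnerable(unsigned char *out, size_t out_len) {
    if (out_len < sizeof(INFO_RECORD)) return 0;
    INFO_RECORD *r = alloc_record();
    fill_fields(r);
    memcpy(out, r, sizeof *r);
    return sizeof *r;
}

/* Hardened pattern: zero the record before filling it, so nothing stale is copied. */
size_t query_hardened(unsigned char *out, size_t out_len) {
    if (out_len < sizeof(INFO_RECORD)) return 0;
    INFO_RECORD *r = alloc_record();
    memset(r, 0, sizeof *r);
    fill_fields(r);
    memcpy(out, r, sizeof *r);
    return sizeof *r;
}

/* Counts bytes in the returned buffer that still carry the stale marker. */
size_t count_stale(const unsigned char *buf, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++) if (buf[i] == STALE) n++;
    return n;
}
```

In kernel code the equivalent of the `memset` is zeroing the structure or output buffer (for example with `RtlZeroMemory`) before any field is written, and returning only the number of bytes actually populated.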
Exploitation
The attacker queries the kernel through a specific information class. The returned data contains kernel memory contents useful for KASLR bypass or further exploitation.
Exploitation Primitive
Kernel info query → uninitialized data returned
→ kernel address leak → KASLR bypass