Diffing

Analysis of a 1day (CVE-2019-0547) and discovery of a forgotten condition in the patch (CVE-2019-0726) – Part 1 of 2

02 May 2019 ~12 min By Hector Cuesta

Cve Cve-2019-0547 Cve-2019-0726 Dhcp Exploit Kb4480966 Patch Diffing Research Diffing Protocol Windows

Cve
Cve-2019-0547
Cve-2019-0726
Dhcp
Exploit
Kb4480966
Patch Diffing
Research
Diffing
Protocol
Windows

This post will cover my journey into the analysis of CVE-2019-0547 (Affecting the windows DHCP client), a vulnerability discovered by Mitch Adair of Microsoft Windows Enterprise Security Team and how I found a new issue in the same function. Part 1Patch extractionPatch diffingProgram flow to the functionDHCP Options0x000x00Part 2Integer overflowNobody respects RFCs0xC0 “compression algorithm”Final conclusions Patch extraction Even though these first steps around patch downloading, extraction and diffing are already heavily documented over the internet, I will cover them here in any case.

Page 1 of 1