API tools faq
paste
Advertisement
Guest User

CVE-2012-2897

a guest
Nov 13th, 2012
725
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.67 KB | None | 0 0
raw download clone embed print report
  1. kd> !analyze -v
  2. *******************************************************************************
  3. * *
  4. * Bugcheck Analysis *
  5. * *
  6. *******************************************************************************
  7.  
  8. PAGE_FAULT_IN_NONPAGED_AREA (50)
  9. Invalid system memory was referenced. This cannot be protected by try-except,
  10. it must be protected by a Probe. Typically the address is just plain bad or it
  11. is pointing at freed memory.
  12. Arguments:
  13. Arg1: e242c000, memory referenced.
  14. Arg2: 00000000, value 0 = read operation, 1 = write operation.
  15. Arg3: bf88ef08, If non-zero, the instruction address which referenced the bad memory
  16. address.
  17. Arg4: 00000001, (reserved)
  18.  
  19. Debugging Details:
  20. ------------------
  21.  
  22.  
  23. READ_ADDRESS: e242c000 Paged pool
  24.  
  25. FAULTING_IP:
  26. win32k!vGetVerticalGSet+46
  27. bf88ef08 ff37 push dword ptr [edi]
  28.  
  29. MM_INTERNAL_CODE: 1
  30.  
  31. IMAGE_NAME: win32k.sys
  32.  
  33. DEBUG_FLR_IMAGE_TIMESTAMP: 4ff2f637
  34.  
  35. MODULE_NAME: win32k
  36.  
  37. FAULTING_MODULE: bf800000 win32k
  38.  
  39. DEFAULT_BUCKET_ID: DRIVER_FAULT
  40.  
  41. BUGCHECK_STR: 0x50
  42.  
  43. PROCESS_NAME: csrss.exe
  44.  
  45. TRAP_FRAME: b23a62e0 -- (.trap 0xffffffffb23a62e0)
  46. ErrCode = 00000000
  47. eax=00000000 ebx=e1e35d18 ecx=00000000 edx=00000000 esi=e23eb020 edi=e242c000
  48. eip=bf88ef08 esp=b23a6354 ebp=b23a6364 iopl=0 nv up ei ng nz na pe nc
  49. cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010286
  50. win32k!vGetVerticalGSet+0x46:
  51. bf88ef08 ff37 push dword ptr [edi] ds:0023:e242c000=????????
  52. Resetting default scope
  53.  
  54. LAST_CONTROL_TRANSFER: from 804f7b8b to 80527c24
  55.  
  56. STACK_TEXT:
  57. b23a5e1c 804f7b8b 00000003 e242c000 00000000 nt!RtlpBreakWithStatusInstruction
  58. b23a5e68 804f8778 00000003 00000000 c0712160 nt!KiBugCheckDebugBreak+0x19
  59. b23a6248 804f8ca3 00000050 e242c000 00000000 nt!KeBugCheck2+0x574
  60. b23a6268 8051cc4f 00000050 e242c000 00000000 nt!KeBugCheckEx+0x1b
  61. b23a62c8 805405f4 00000000 e242c000 00000000 nt!MmAccessFault+0x8e7
  62. b23a62c8 bf88ef08 00000000 e242c000 00000000 nt!KiTrap0E+0xcc
  63. b23a6364 bf895168 e23aa010 fffefc0a e1acf7f8 win32k!vGetVerticalGSet+0x46
  64. b23a69f8 bf8949aa e1f72a08 03000000 e23eb010 win32k!bLoadTTF+0x3a1
  65. b23a6a80 bf8948e4 e1f72a08 012c0000 00067978 win32k!bLoadFontFile+0x230
  66. b23a6ad0 bf8943ad 00000001 e1f72a00 e1fd47f8 win32k!ttfdSemLoadFontFile+0x4c
  67. b23a6b00 bf89433b 00000001 e1f72a00 e1fd47f8 win32k!PDEVOBJ::LoadFontFile+0x3a
  68. b23a6b38 bf89469e b23a6c88 00000013 e1f72a00 win32k!vLoadFontFileView+0x12b
  69. b23a6bb4 bf89554e b23a6c88 00000013 00000001 win32k!PUBLIC_PFTOBJ::bLoadFonts+0x1da
  70. b23a6bfc bf895480 b23a6c88 00000013 00000001 win32k!GreAddFontResourceWInternal+0xab
  71. b23a6d44 8053d6f8 0009a560 00000013 00000001 win32k!NtGdiAddFontResourceW+0x172
  72. b23a6d44 7c90e514 0009a560 00000013 00000001 nt!KiFastCallEntry+0xf8
  73. WARNING: Stack unwind information not available. Following frames may be wrong.
  74. 0006f90c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd ntdll!KiFastSystemCallRet
  75. 0006f910 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  76. 0006f914 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  77. 0006f918 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  78. 0006f91c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  79. 0006f920 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  80. 0006f924 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  81. 0006f928 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  82. 0006f92c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  83. 0006f930 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  84. 0006f934 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  85. 0006f938 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  86. 0006f93c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  87. 0006f940 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  88. 0006f944 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  89. 0006f948 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  90. 0006f94c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  91. 0006f950 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  92. 0006f954 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  93. 0006f958 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  94. 0006f95c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  95. 0006f960 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  96. 0006f964 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  97. 0006f968 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  98. 0006f96c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  99. 0006f970 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  100. 0006f974 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  101. 0006f978 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  102. 0006f97c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  103. 0006f980 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  104. 0006f984 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  105. 0006f988 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  106. 0006f98c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  107. 0006f990 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  108. 0006f994 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  109. 0006f998 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  110. 0006f99c cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  111. 0006f9a0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  112. 0006f9a4 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  113. 0006f9a8 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  114. 0006f9ac cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  115. 0006f9b0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  116. 0006f9b4 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  117. 0006f9b8 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  118. 0006f9bc cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  119. 0006f9c0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  120. 0006f9c4 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  121. 0006f9c8 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  122. 0006f9cc cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  123. 0006f9d0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  124. 0006f9d4 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  125. 0006f9d8 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  126. 0006f9dc cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  127. 0006f9e0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  128. 0006f9e4 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  129. 0006f9e8 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  130. 0006f9ec cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  131. 0006f9f0 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  132. 0006f9f4 cdcdcdcd cdcdcdcd cdcdcdcd cdcdcdcd 0xcdcdcdcd
  133.  
  134.  
  135. STACK_COMMAND: kb
  136.  
  137. FOLLOWUP_IP:
  138. win32k!vGetVerticalGSet+46
  139. bf88ef08 ff37 push dword ptr [edi]
  140.  
  141. SYMBOL_STACK_INDEX: 6
  142.  
  143. SYMBOL_NAME: win32k!vGetVerticalGSet+46
  144.  
  145. FOLLOWUP_NAME: MachineOwner
  146.  
  147. FAILURE_BUCKET_ID: 0x50_win32k!vGetVerticalGSet+46
  148.  
  149. BUCKET_ID: 0x50_win32k!vGetVerticalGSet+46
  150.  
  151. Followup: MachineOwner
  152. ---------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!