A kernel information leak vulnerability (CVE-2025-53136) was discovered in Windows, allowing unauthorized access to kernel addresses through a race condition in the RtlSidHashInitialize function. The vulnerability affects Windows versions 24H2 or later and can be exploited from Low IL or AppContainer contexts, potentially enabling local privilege escalation when combined with other vulnerabilities.

https://www.crowdfense.com/nt-os-kernel-information-disclosure-vulnerability-cve-2025-53136/

#security #windows #vulnerability #kernel #kaslr