CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug.Author: [D4m0n](https://x.com/d4m0n_8)
# CVE-2025-50168
This is an exploit submitted to **Pwn2Own Berlin 2025 - LPE Category**.
The vulnerability occurs in `Win32kbase!DirectComposition`, and further details can be found in the [blog post](https://www.oobs.io/posts/four-bytes-one-lie).
## Acknowledgements
- **kASLR bypass technique:** [prefetch-tool](https://github.com/exploits-forsale/prefetch-tool) by [carrot_c4k3](https://mastodon.social/@carrot_c4k3)
- **Special thanks to:** David & Louis of [Out of Bounds](https://oobs.io/)
## Disclaimer
This repository is for educational and research purposes only and must not be used for malicious purposes. Use of the materials for unauthorized or illegal activity is strictly prohibited.
[4.0K] /data/pocs/97dce5df3abe71d42f2c08504de41c1f311e0f74
├── [4.0K] P2O
│ ├── [6.4K] dcomp.h
│ ├── [ 11K] ioring.h
│ ├── [ 28K] main.cpp
│ ├── [1.2K] P2O.sln
│ ├── [7.4K] P2O.vcxproj
│ ├── [1.3K] P2O.vcxproj.filters
│ ├── [1.2K] prefetch_asm.asm
│ └── [ 17K] prefetch_leak.h
└── [ 742] README.md
2 directories, 9 files