CVE-2017-8622 — Corporation Windows Subsystem FOR Linux vulnerability

5 documents4 sources

Severity

7.8HIGHNVD

EPSS

1.1%

top 22.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Windows Subsystem FOR Linux Microsoft Windows 10 Msrc Windows 10 Version 1703 FOR X64-based Systems

Timeline

PublishedAug 8

Latest updateMay 13

Description

Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when it fails to properly handle handles NT pipes, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5microsoft_corporation/windows_subsystem_for_linuxWindows 10 1703

▶msrcmsrc/windows_10_version_1703_for_x64-based_systems

▶NVDmicrosoft/windows_101703

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-2v69-cv79-6qfc: Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when it fails to properly handle handles NT pipes, aka "↗2022-05-13

▶

📋Vendor Advisories

Microsoft

Windows Subsystem for Linux Elevation of Privilege Vulnerability↗2017-08-08

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday - August 2017↗2017-08-08

▶

Talos

Microsoft Patch Tuesday - August 2017↗2017-08-08

▶