CVE-2025-53151: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2025-53151 [HIGH] CWE-416 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Require

CVE-2024-53151 [MEDIUM] CWE-190 svcrdma: Address an integer overflow svcrdma: Address an integer overflow FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this. Mariner: Mariner Linux: Linux Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-u

CVE-2025-53151 [HIGH] CWE-416 GHSA-p52h-4mjq-m66r: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

[HIGH] Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws ## Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws ## Lawrence Abrams 44 Elevation of Privilege Vulnerabilities 35 Remote Code Execution Vulnerabilities 18 Information Disclosure Vulnerabilities 4 Denial of Service Vulnerabilities 9 Spoofing Vulnerabilities When BleepingComputer reports on the Patch Tuesday security updates, we only count those released on Patch Tuesday. Therefore, the number of flaws does not include Mariner, Azure, and Microsoft Edge bugs fixed earlier this month. To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5063878 & KB5063875 cumulative updates and the Windows 10 KB5063709 cumulative update . ## One publicly disclosed zero-day fixed This month's Patch Tuesday fixes one