CVE-2025-62220Heap-based Buffer Overflow in Microsoft Windows Subsystem FOR Linux GUI

CWE-122Heap-based Buffer Overflow4 documents4 sources
Severity
8.8HIGHNVD
EPSS
0.1%
top 84.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Windows Subsystem FOR Linux GUIMicrosoft Windows Subsystem FOR LinuxMsrc Windows Subsystem FOR Linux GUI
Timeline
PublishedNov 11

Description

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

🔴Vulnerability Details

1
GHSA
GHSA-q774-gvh6-h2cc: Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network2025-11-11

📋Vendor Advisories

1
Microsoft
Windows Subsystem for Linux GUI Remote Code Execution Vulnerability2025-11-11

🕵️Threat Intelligence

1
Bleepingcomputer
Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws2025-11-11