Microsoft Windows Subsystem For Linux vulnerabilities
5 known vulnerabilities affecting microsoft/windows_subsystem_for_linux.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH4
Vulnerabilities
Page 1 of 1
CVE-2025-62220HIGHCVSS 8.8fixed in 2.6.22025-11-11
CVE-2025-62220 [HIGH] CWE-122 CVE-2025-62220: Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to exe
Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.
nvd
CVE-2025-53788HIGHCVSS 7.0fixed in 2.5.10≥ 5.0.0.0, < 2.5.102025-08-12
CVE-2025-53788 [HIGH] CWE-367 CVE-2025-53788: Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorize
Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
nvd
CVE-2022-44689HIGHCVSS 7.8≥ 5.0.0.0, < 1.0.32022-12-13
CVE-2022-44689 [HIGH] CWE-269 CVE-2022-44689: Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
nvd
CVE-2022-38014HIGHCVSS 7.0≥ 5.0.0.0, < 5.15.62.12022-11-09
CVE-2022-38014 [HIGH] CWE-362 CVE-2022-38014: Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
nvd
CVE-2021-43907CRITICALCVSS 9.8Exploitedfixed in 0.63.112021-12-15
CVE-2021-43907 [CRITICAL] CVE-2021-43907: Visual Studio Code WSL Extension Remote Code Execution Vulnerability
Visual Studio Code WSL Extension Remote Code Execution Vulnerability
nvd