CVE-2025-54099 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2025-54099

CVE-2025-54099 affects the Windows Ancillary Function Driver for WinSock. The issue is a stack-based buffer overflow that can be exploited by an authorized, locally-located attacker to obtain elevated privileges. The connected NCSC advisory corroborates the CVE’s association with privilege escala...

PT-2025-36842

Name of the Vulnerable Software and Affected Versions: Windows Ancillary Function Driver for WinSock affected versions not specified Description: A stack-based buffer overflow exists in the Windows Ancillary Function Driver for WinSock. This issue allows a locally authorized attacker to elevate...

Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞

Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock. An attacker could exploit the vulnerability to elevate privileges. The...

CVE-2025-38625 vfio/pds: Fix missing detach_ioas op

In the Linux kernel, the following vulnerability has been resolved: vfio/pds: Fix missing detachioas op When CONFIGIOMMUFD is enabled and a device is bound to the pdsvfiopci driver, the following WARNON trace is seen and probe fails: WARNING: CPU: 0 PID: 5040 at drivers/vfio/vfiomain.c:317...

CVE-2025-53141

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-53147

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-53718

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-53141

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-53137

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-49762

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-53718 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2025-53718 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2025-53718

Technical details about CVE-2025-53718 are not publicly available in the provided connected documents. No specific product/version/root-cause/impact details are provided here. Monitor future updates from Microsoft and CVE databases for remediation and impact information.

CVE-2025-53154 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2025-53154 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2025-53154

CVE-2025-53154 concerns the Windows Ancillary Function Driver for WinSock and describes a null pointer dereference that enables a local, authorized user to achieve privilege escalation. The CVSSv3.1 metrics cited by Microsoft indicate a local attack vector, low attack complexity, and required pri...

CVE-2025-53147 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2025-53147 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2025-53147

CVE-2025-53147 refers to a local privilege escalation in the Windows Ancillary Function Driver for WinSock caused by a use-after-free condition. The CVSS vector indicates a local, high-privilege impact with “LOW” privileges required and no user interaction, consistent with an attacker who already...