5 matches found
CVE-2022-44689
CVE-2022-44689 affects Windows Subsystem for Linux (WSL2) kernel, enabling local elevation of privilege. The NVD entry lists a local attack vector with low complexity and low privileges required, resulting in high impact to confidentiality, integrity, and availability. Connected sources corrobora...
CVE-2022-38014
CVE-2022-38014 affects Windows Subsystem for Linux (WSL2) kernel components. The CVSSv3 metrics in the initial record indicate a Local, Privilege-Required (Low), No User Interaction, with Confidentiality, Integrity, and Availability impacts all High, resulting in a base score of 7.0 (HIGH). The v...
CVE-2021-43907
The CVE-2021-43907 entry concerns a remote code execution vulnerability in the Visual Studio Code Remote - WSL extension. Documented details indicate an attacker could trigger arbitrary code execution on a vulnerable host via the WSL extension, with CVSS v3.1 base score 9.8 (CRITICAL) and no user...
CVE-2025-62220
CVE-2025-62220 describes a heap-based buffer overflow in the Windows Subsystem for Linux GUI (WSL GUI), leading to remote code execution over the network. Connected sources identify this as affecting WSL2, with disclosures noting that versions prior to 2.6.2 are vulnerable (the Nessus plugin cite...
CVE-2025-53788
CVE-2025-53788 affects Windows Subsystem for Linux (WSL2). A Time-of-check time-of-use (TOCTOU) race condition in the WSL kernel allows a locally authenticated attacker to elevate privileges. The CVE is tied to WSL2 prior to version 2.5.10, with a CVSSv3.1 base score of 7.0 (High) under LOCAL att...