3 matches found
CVE-2021-43907
The CVE-2021-43907 entry concerns a remote code execution vulnerability in the Visual Studio Code Remote - WSL extension. Documented details indicate an attacker could trigger arbitrary code execution on a vulnerable host via the WSL extension, with CVSS v3.1 base score 9.8 (CRITICAL) and no user...
CVE-2025-62220
CVE-2025-62220 describes a heap-based buffer overflow in the Windows Subsystem for Linux GUI (WSL GUI), leading to remote code execution over the network. Connected sources identify this as affecting WSL2, with disclosures noting that versions prior to 2.6.2 are vulnerable (the Nessus plugin cite...
CVE-2025-53788
CVE-2025-53788 affects Windows Subsystem for Linux (WSL2). A Time-of-check time-of-use (TOCTOU) race condition in the WSL kernel allows a locally authenticated attacker to elevate privileges. The CVE is tied to WSL2 prior to version 2.5.10, with a CVSSv3.1 base score of 7.0 (High) under LOCAL att...