kernel vulnerability

Microsoft’s advisory listing for a Windows HTTP.sys elevation-of-privilege flaw should be treated as a high-priority remediation item: the vulnerability is recorded in vendor telemetry and public trackers, it affects the kernel-mode HTTP protocol stack that terminates HTTP requests for IIS and...

Microsoft has recorded CVE-2026-20870 as an elevation-of-privilege flaw in the Windows Win32 kernel subsystem; the vendor’s public entry confirms the existence of a kernel-level local EoP and attaches Microsoft’s “confidence” metric to the record — a signal administrators should treat as an...

Microsoft’s Security Update Guide lists a new Windows kernel vulnerability, CVE‑2026‑20860, in the Windows Ancillary Function Driver for WinSock (afd.sys) that Microsoft categorizes as an elevation‑of‑privilege (EoP) issue; the vendor has published an Update Guide entry and a security update...

Microsoft’s Security Response Center has recorded CVE‑2026‑20859 as a Windows kernel‑mode driver elevation of privilege vulnerability that administrators must treat as a high‑priority operational risk while they confirm exact build mappings and deploy vendor fixes. The vendor’s public advisory...

Microsoft’s advisory for CVE-2026-20831 identifies a kernel-level elevation-of-privilege issue in the Windows Ancillary Function Driver for WinSock (afd.sys) that enables an authenticated local user to escalate to SYSTEM on affected builds — administrators should treat the vendor update as...

Microsoft’s Security Update Guide lists CVE-2026-20810 as a vulnerability in the Windows Ancillary Function Driver for WinSock (afd.sys) where the driver “frees memory not on the heap,” allowing an authorized local attacker to elevate privileges on an affected system—an escalation that can turn...

Microsoft’s short public answer — that “Azure Linux includes this open‑source library and is therefore potentially affected” — is accurate for the product Microsoft has inventory‑checked, but it is not a categorical statement that no other Microsoft product could contain the same vulnerable...

A subtle but consequential flaw in the Linux kernel’s GS_USB CAN driver has been assigned CVE-2025-68343 after maintainers fixed a missing length check in the gs_usb_receive_bulk_callback handler. The bug allowed the driver to assume a full header was present in an incoming USB bulk transfer...

A logic ordering bug in the Smack Linux Security Module (LSM) has been assigned CVE-2025-68733 after maintainers corrected a code path that allowed unprivileged processes — under specific Smack configurations — to create new Smack labels by writing names into their own process attribute files...

Microsoft’s public advisory confirms that Azure Linux images include the upstream open‑source kernel code referenced by CVE‑2025‑38275 and are therefore potentially affected, but it does not assert that Azure Linux is the only Microsoft product that contains the vulnerable component — the...

Microsoft’s brief advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it’s a product‑scoped attestation, not proof that no other Microsoft product could carry the same vulnerable code. Background / Overview The vulnerability...

A subtle race in the f2fs remount logic can leave the filesystem in a dangerous state: a kernel crash triggered by an inconsistent mount-option transition. The flaw tracked as CVE-2023-53447 arises when f2fs resets certain mount options during a remount operation, creating a brief window in...

Microsoft has publicly recorded CVE‑2025‑62221 — a use‑after‑free (UAF) defect in the Windows Cloud Files Mini Filter Driver (cldflt.sys) — that can be triggered by a local, authorized user to escalate privileges to SYSTEM, and administrators should treat this as a high‑priority local escalation...

Microsoft has assigned CVE‑2025‑59517 to a newly disclosed elevation‑of‑privilege flaw in the Windows Storage VSP driver — the kernel‑mode component Hyper‑V uses to provide storage services to guest partitions. The bug is described as improper access control that allows an authorized local...

Microsoft has recorded a new kernel‑level vulnerability, CVE‑2025‑59516, in the Windows Storage Virtualization Service Provider (VSP) driver that can allow a local, authorized attacker to escalate privileges on affected hosts by invoking a missing authentication path in the driver—Microsoft’s...

Microsoft’s security advisory for CVE-2025-62573 identifies a use‑after‑free bug in the DirectX Graphics Kernel that can be abused by an authenticated local user to escalate privileges to SYSTEM, and administrators should treat the issue as a high‑impact kernel elevation‑of‑privilege (EoP) risk...

Microsoft’s public vulnerability record for CVE-2025-62470 confirms a new high‑impact elevation‑of‑privilege flaw in the Windows Common Log File System (CLFS) driver that, according to vendor metadata and multiple independent trackers, is a heap‑based buffer‑overflow allowing a local, authorized...

Microsoft’s short public advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is correct as a product‑level statement — but it is not a categorical guarantee that no other Microsoft product can include the same vulnerable Linux kernel code...

The Linux kernel received a targeted, low‑risk patch that closes a null‑pointer dereference in the SCTP receive/state‑machine code — tracked as CVE‑2025‑40187 — a defect that could trigger kernel oopses or host reboots when specially sequenced AUTH/INIT state transitions leave an internal event...

A subtle mistake in the SLUB allocator’s handling of kmalloc redzones has been tracked as CVE-2024-49885: a kernel-level bug that can turn defensive memory-initialization into a self-inflicted availability failure. The defect is narrow and surgical in scope — it only appears when SLUB debugging...