CVE-2025-59497: Microsoft Defender for Linux Denial of Service Vulnerability

Overview

Severity

High (CVSS 7)

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Category

Denial of Service

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2025-Oct

Released

2025-10-14

EPSS Score

0.03% (percentile: 8.1%)

Description

Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.

FAQ

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.

Affected Products (1)

System Center

• Microsoft Defender for Endpoint for Linux

Security Updates (1)

• Release Notes

Acknowledgments

G1ND1L4, Gil Regev

Revision History

• 2025-10-14: Information published.