Primary

Context

Microsoft Defender for Linux TOCTOU Race Condition Vulnerability Leading to Denial-of-Service

Vulnerability

Patched

A time-of-check time-of-use (TOCTOU) race condition vulnerability has been identified in Microsoft Defender for Linux. This vulnerability allows an authorized attacker to cause a local denial-of-service condition. The issue arises from a race condition that can be exploited by manipulating the timing of events, potentially leading to service disruption.

Impact

Exploitation of this vulnerability causes a local denial-of-service condition, disrupting the normal operation of the affected service or application.

Remediation

Users can download the security update for Microsoft Defender for Endpoint for Linux from the Microsoft Defender for Endpoint Linux Updates page. The vulnerability is addressed in version 101.25032.0010.

Added: Oct 14, 2025, 5:53 PM

Updated: Oct 14, 2025, 8:21 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

2.9

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

2.9

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Defender for Linux TOCTOU Race Condition Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

Microsoft Defender for Endpoint

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating