CVE-2026-21237

Publication date 10 February 2026

Last updated 11 February 2026

Ubuntu priority

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2026-21237
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21237

CVE-2026-21237

Description

Status

References

Other references

Access our resources on patching vulnerabilities