□ December Security Update Overview (11 products total) o Severity: Critical 2, Important 9
[Reference sites]
o Vulnerability summary (248 total)
□ Author: Threat Analysis Division, Vulnerability Analysis Team
2025-12-11
□ December Security Update Overview (11 products total)
o Severity: Critical 2, Important 9
o Release date: 2025.12.9 (Tue)
o Update details
Product family | Severity | Impact
Windows 11 25H2 | Important | Elevation of privilege
Windows 11 24H2 | Important | Elevation of privilege
Windows 11 23H2 | Important | Elevation of privilege
Windows Server 2025, Windows Server 2025 (Server Core installation) | Important | Elevation of privilege
Windows Server 2022 23H2 Edition (Server Core installation), Windows Server 2022, Windows Server 2022 (Server Core installation) | Important | Elevation of privilege
Windows Server 2019 | Important | Elevation of privilege
Windows Server 2016 | Important | Elevation of privilege
Microsoft Office | Critical | Remote code execution
Microsoft SharePoint | Critical | Remote code execution
Microsoft Exchange Server | Important | Elevation of privilege
Microsoft Azure | Important | Remote code execution
[Reference sites]
[1] (Korean) https://msrc.microsoft.com/update-guide/ko-kr/
[2] (English) https://msrc.microsoft.com/update-guide/en-us/
[3] https://msrc.microsoft.com/update-guide/ko-kr/releaseNote/2025-Dec
o Vulnerability summary (248 total)
Product category | CVE number | CVE title
Mariner |  | Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
Mariner |  | LIBPNG has an out-of-bounds read in png_image_read_composite
Mariner |  | Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Mariner |  | A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Mariner |  | Apache HTTP Server: CGI environment variable override
Windows DWM Core Library |  | Windows DWM Core Library Elevation of Privilege Vulnerability
Windows DWM Core Library |  | Windows DWM Core Library Elevation of Privilege Vulnerability
Windows Routing and Remote Access Service (RRAS) |  | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Storvsp.sys Driver |  | Windows Storage VSP Driver Elevation of Privilege Vulnerability
Microsoft Office SharePoint |  | Microsoft SharePoint Server Spoofing Vulnerability
Copilot |  | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability
Microsoft Graphics Component |  | Windows DirectX Information Disclosure Vulnerability
Microsoft Exchange Server |  | Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server |  | Microsoft Exchange Server Elevation of Privilege Vulnerability
Windows Shell |  | Windows Shell Elevation of Privilege Vulnerability
GitHub Copilot and Visual Studio Code |  | GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability
Windows Shell |  | Windows File Explorer Elevation of Privilege Vulnerability
Azure Application Gateway |  | Azure Application Gateway Elevation of Privilege Vulnerability
Application Gateway |  | Azure Application Gateway Elevation of Privilege Vulnerability
Dynamics OmniChannel SDK Storage Containers |  | Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability
Mariner |  | KubeVirt Vulnerable to Arbitrary Host File Read and Write
Mariner |  | NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
Windows DirectX |  | DirectX Graphics Kernel Elevation of Privilege Vulnerability
Application Information Services |  | Application Information Service Elevation of Privilege Vulnerability
Windows Installer |  | Windows Installer Elevation of Privilege Vulnerability
Windows Camera Frame Server Monitor |  | Windows Camera Frame Server Monitor Information Disclosure Vulnerability
Microsoft Brokering File System |  | Microsoft Brokering File System Elevation of Privilege Vulnerability
Windows Hyper-V |  | Windows Hyper-V Denial of Service Vulnerability
Windows Shell |  | Windows File Explorer Elevation of Privilege Vulnerability
Microsoft Office Excel |  | Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel |  | Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Outlook |  | Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office Excel |  | Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel |  | Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Word |  | Microsoft Word Remote Code Execution Vulnerability
Microsoft Office Word |  | Microsoft Word Remote Code Execution Vulnerability
Microsoft Office |  | Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Excel |  | Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Word |  | Microsoft Word Remote Code Execution Vulnerability
Microsoft Office |  | Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Excel |  | Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Access |  | Microsoft Access Remote Code Execution Vulnerability
Azure Monitor Agent |  | Azure Monitor Agent Remote Code Execution Vulnerability
Windows Routing and Remote Access Service (RRAS) |  | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Windows Remote Access Connection Manager |  | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Windows Routing and Remote Access Service (RRAS) |  | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Windows Remote Access Connection Manager |  | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Windows Common Log File System Driver |  | Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Brokering File System |  | Microsoft Brokering File System Elevation of Privilege Vulnerability
Windows Defender Firewall Service |  | Windows Defender Firewall Service Information Disclosure Vulnerability
Windows Projected File System |  | Windows Projected File System Elevation of Privilege Vulnerability
Windows Client-Side Caching (CSC) Service |  | Windows Client-Side Caching Elevation of Privilege Vulnerability
Windows DirectX |  | DirectX Graphics Kernel Denial of Service Vulnerability
Windows Projected File System |  | Windows Projected File System Elevation of Privilege Vulnerability
Windows DirectX |  | DirectX Graphics Kernel Denial of Service Vulnerability
Windows Projected File System |  | Windows Projected File System Elevation of Privilege Vulnerability
Windows Projected File System Filter Driver |  | Windows Projected File System Elevation of Privilege Vulnerability
Microsoft Defender Portal |  | Microsoft Defender Portal Spoofing Vulnerability
Windows Win32K - GRFX |  | Win32k Elevation of Privilege Vulnerability
Windows Cloud Files Mini Filter Driver |  | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Resilient File System (ReFS) |  | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Windows Message Queuing |  | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Windows Cloud Files Mini Filter Driver |  | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Microsoft Edge for iOS |  | Microsoft Edge (Chromium-based) for Mac Spoofing Vulnerability
Windows Cloud Files Mini Filter Driver |  | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Subsystem for Linux GUI |  | Windows Subsystem for Linux GUI Remote Code Execution Vulnerability
Windows License Manager |  | Windows License Manager Information Disclosure Vulnerability
Windows License Manager |  | Windows License Manager Information Disclosure Vulnerability
Azure Monitor |  | Azure Monitor Elevation of Privilege Vulnerability
Mariner |  | Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Mariner |  | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Mariner |  | Grub2: missing unregister call for normal_exit command may lead to use-after-free
Mariner |  | Grub2: missing unregister call for normal commands may lead to use-after-free
Mariner |  | Grub2: missing unregister call for gettext command may lead to use-after-free
Mariner |  | Grub2: grub2: out-of-bounds write via malicious usb device
Mariner |  | BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).
Host Process for Windows Tasks |  | Host Process for Windows Tasks Elevation of Privilege Vulnerability
Mariner |  | NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
Mariner |  | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF
Windows Storage VSP Driver |  | Windows Storage VSP Driver Elevation of Privilege Vulnerability
Windows Storage VSP Driver |  | Windows Storage VSP Driver Elevation of Privilege Vulnerability
Copilot |  | Copilot Spoofing Vulnerability
Copilot |  | Copilot Spoofing Vulnerability
Copilot |  | M365 Copilot Spoofing Vulnerability
Microsoft Office SharePoint |  | Microsoft SharePoint Online Elevation of Privilege Vulnerability
Windows Projected File System |  | Windows Projected File System Elevation of Privilege Vulnerability
Mariner |  | Grub2: use-after-free in grub_file_close()
Mariner |  | Grub2: use-after-free in net_set_vlan
Windows Connected Devices Platform Service |  | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Windows PowerShell |  | PowerShell Remote Code Execution Vulnerability
Windows Ancillary Function Driver for WinSock |  | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Mariner |  | runc: LSM labels can be bypassed with malicious config using dummy procfs files
Mariner |  | container escape due to /dev/console mount and related races
Software for Open Networking in the Cloud (SONiC) |  | Azure Bastion Elevation of Privilege Vulnerability
Mariner |  | Potential denial of service in golang.org/x/crypto/ssh/agent
Mariner |  | NFSD: Fix crash in nfsd4_read_release()
Mariner |  | fbcon: Set fb_display[i]->mode to NULL when the mode is released
Mariner |  | fbdev: bitblit: bound-check glyph index in bit_putcs*
Mariner |  | wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode
Mariner |  | bpf: Sync pending IRQ work before freeing ring buffer
Mariner |  | regmap: slimbus: fix bus_context pointer in regmap init calls
Mariner |  | usb: gadget: f_fs: Fix epfile null pointer access after ep enable.
Mariner |  | usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget
Mariner |  | ntfs3: pretend $Extend records as regular files
Mariner |  | jfs: Verify inode mode when loading from disk
Mariner |  | accel/habanalabs: support mapping cb with vmalloc-backed coherent memory
Mariner |  | amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw
Mariner |  | Bluetooth: SCO: Fix UAF on sco_conn_free
Mariner |  | Bluetooth: bcsp: receive data only if registered
Mariner |  | exfat: validate cluster allocation bits of the allocation bitmap
Mariner |  | orangefs: fix xattr related buffer overflow...
Mariner |  | 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN
Mariner |  | fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
Mariner |  | btrfs: ensure no dirty metadata is written back for an fs with errors
Mariner |  | Bluetooth: hci_event: validate skb length for unknown CC opcode
Mariner |  | net: bridge: fix use-after-free due to MST port state bypass
Mariner |  | Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()
Mariner |  | iommufd: Don't overflow during division for dirty tracking
Mariner |  | virtio-net: fix received length check in big packets
Mariner |  | drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM
Mariner |  | drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices
Mariner |  | exfat: fix improper check of dentry.stream.valid_size
Mariner |  | smb/server: fix possible memory leak in smb2_read()
Mariner |  | smb/server: fix possible refcount leak in smb2_sess_setup()
Mariner |  | Bluetooth: MGMT: cancel mesh send timer when hdev removed
Mariner |  | Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF
Mariner |  | Bluetooth: 6lowpan: reset link-local header on ipv6 recv path
Mariner |  | sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
Mariner |  | tipc: Fix use-after-free in tipc_mon_reinit_self().
Mariner |  | net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
Mariner |  | net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak
Mariner |  | drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
Mariner |  | ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
Mariner |  | NFSD: free copynotify stateid in nfs4_free_ol_stateid()
Mariner |  | mm/secretmem: fix use-after-free race in fault handler
Mariner |  | ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
Mariner |  | cifs: client: fix memory leak in smb3_fs_context_parse_param
Mariner |  | KVM: arm64: Check the untrusted offset in FF-A memory share
Mariner |  | be2net: pass wrb_params in case of OS2BMC
Mariner |  | Input: cros_ec_keyb - fix an invalid memory access
Mariner |  | Input: imx_sc_key - fix memory corruption on unload
Mariner |  | nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()
Mariner |  | scsi: sg: Do not sleep in atomic context
Mariner |  | mptcp: fix race condition in mptcp_schedule_work()
Mariner |  | mptcp: fix a race in mptcp_pm_del_add_timer()
Mariner |  | net: openvswitch: remove never-working support for setting nsh fields
Mariner |  | s390/ctcm: Fix double-kfree
Mariner |  | net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
Mariner |  | devlink: rate: Unset parent pointer in devl_rate_nodes_destroy
Mariner |  | net/mlx5: Clean up only new IRQ glue on request_irq() failure
Mariner |  | vsock: Ignore signal/timeout on connect() if already established
Mariner |  | drm/msm: Fix pgtable prealloc error path
Mariner |  | nios2: ensure that memblock.current_limit is set when setting pfn limits
Mariner |  | hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()
Mariner |  | hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()
Mariner |  | gfs2: Fix unlikely race in gdlm_put_lock
Mariner |  | sctp: avoid NULL dereference when chunk data buffer is missing
Mariner |  | ocfs2: clear extent cache after moving/defragmenting extents
Mariner |  | most: usb: Fix use-after-free in hdm_disconnect
Mariner |  | fuse: fix livelock in synchronous file put from fuseblk workers
Mariner |  | PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV
Mariner |  | mm/damon/vaddr: do not repeat pte_offset_map_lock() until success
Mariner |  | pidfs: validate extensible ioctls
Mariner |  | xfrm: delete x->tunnel as we delete x
Mariner |  | ACPI: video: Fix use-after-free in acpi_video_switch_brightness()
Mariner |  | Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"
Mariner |  | media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()
Mariner |  | netfilter: nft_objref: validate objref and objrefmap expressions
Mariner |  | btrfs: avoid potential out-of-bounds in btrfs_encode_fh()
Mariner |  | sctp: Fix MAC comparison to be constant-time
Mariner |  | ipmi: Rework user message limit handling
Mariner |  | kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths
Mariner |  | Squashfs: reject negative file sizes in squashfs_read_inode()
Mariner |  | ext4: avoid potential buffer over-read in parse_apply_sb_mount_options()
Mariner |  | media: mc: Clear minor number before put device
Mariner |  | mount: handle NULL values in mnt_ns_release()
Mariner |  | cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request()
Mariner |  | xtensa: simdisk: add input size check in proc_write_simdisk
Mariner |  | Revert "ipmi: fix msg stack when IPMI is disconnected"
Mariner |  | ext4: guard against EA inode refcount underflow in xattr update
Mariner |  | pwm: berlin: Fix wrong register in suspend/resume
Mariner |  | net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()
Mariner |  | mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop
Mariner |  | ext4: verify orphan file size is not too big
Mariner |  | pid: Add a judgment for ns null in pid_nr_ns
Mariner |  | tls: wait for pending async decryptions if tls_strp_msg_hold fails
Mariner |  | net/ip6_tunnel: Prevent perpetual tunnel growth
Mariner |  | accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages()
Mariner |  | net: use dst_dev_rcu() in sk_setup_caps()
Mariner |  | smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().
Mariner |  | ext4: detect invalid INLINE_DATA + EXTENTS flag combination
Mariner |  | media: nxp: imx8-isi: m2m: Fix streaming cleanup on release
Mariner |  | usbnet: Fix using smp_processor_id() in preemptible code warnings
Mariner |  | ipv6: use RCU in ip6_output()
Mariner |  | tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().
Mariner |  | blk-mq: fix potential deadlock while nr_requests grown
Mariner |  | smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set().
Mariner |  | crypto: hisilicon/qm - request reserved interrupt for virtual function
Mariner |  | ipv6: use RCU in ip6_xmit()
Mariner |  | drm/vmwgfx: Fix Use-after-free in validation
Mariner |  | drm/vmwgfx: Fix a null-ptr access in the cursor snooper
Mariner |  | KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc
Mariner |  | runc container escape via "masked path" abuse due to mount race conditions
Mariner |  | Out-of-memory when loading Plist
Mariner |  | Excessive read buffering DoS in http.client
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13721 Race in v8
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13720 Bad cast in Loader
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13640 Inappropriate implementation in Passwords
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13639 Inappropriate implementation in WebRTC
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13638 Use after free (UaF) in Media Stream
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13637 Inappropriate implementation in Downloads
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13636 Inappropriate implementation in Split View
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13635 Inappropriate implementation in Downloads
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13634 Inappropriate implementation in Downloads
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13633 Use after free (UaF) in Digital Credentials
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13632 Inappropriate implementation in DevTools
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13631 Inappropriate implementation in Google Updater
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13630 Type Confusion in V8
Mariner |  | Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Mariner |  | Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Mariner |  | Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13224 Type Confusion in V8
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13223 Type Confusion in V8
Mariner |  | Libvirt: information disclosure via world-readable vm snapshots
Mariner |  | mruby array.c sort_cmp use after free
Microsoft Edge (Chromium-based) |  | Chromium: CVE-2025-13042 Inappropriate implementation in V8
Mariner |  | TLS 1.2 Client Can Downgrade Digest Used
Mariner |  | Constant Time Issue with Xtensa-based ESP32 and X22519
Mariner |  | mruby array.c ary_fill_exec out-of-bounds write
Mariner |  | Untrusted search path in auth_query connection in PgBouncer
Mariner |  | PostgreSQL libpq undersizes allocations, via integer wraparound
Mariner |  | PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege
Mariner |  | Libvirt: denial of service in xml parsing
Mariner |  | Improper validation of tag size in Text component parser
Mariner |  | Quadratic complexity in node ID cache clearing
Mariner |  | Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello
Mariner |  | Forward Secrecy Violation in WolfSSL TLS 1.3
Mariner |  | Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify
Mariner |  | DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
Mariner |  | Timing Side-Channel in PSK Binder Verification
Mariner |  | Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt
Mariner |  | Denial of service vulnerability in HAProxy mjson library
Mariner |  | Rsync: Out of bounds array access via negative index
Mariner |  | RGW DoS attack with empty HTTP header in S3 object copy
Windows Cryptographic Services |  | Windows Cryptographic Services Security Feature Bypass Vulnerability
Mariner |  | containerd affected by a local privilege escalation via wide permissions on CRI directory
Mariner |  | x86: fix clear_user_rep_good() exception handling annotation
□ Author: Threat Analysis Division, Vulnerability Analysis Team