Skip to main content

Race Condition

1815 CVEs technique

Monthly

CVE-2024-39554 HIGH This Week

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Juniper Denial Of Service Junos Junos Os Evolved
NVD
CVSS 4.0
8.2
EPSS
0.4%
CVE-2024-34725 HIGH This Week

In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation RCE Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-34724 HIGH This Week

In _UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation RCE Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-31327 HIGH PATCH This Week

In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. Rated high severity (CVSS 7.0).

Privilege Escalation Buffer Overflow Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-39296 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-39293 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-38306 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-37354 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-32936 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: Fix races while restarting DMA After the frame is submitted to DMA, it may happen that the submitted list. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-38628 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-38613 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: m68k: Fix spinlock race in kernel thread creation Context switching does take care to retain the correct lock owner across the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-38601 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-38596 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-0397 HIGH This Week

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Python Information Disclosure
NVD GitHub
CVSS 3.1
7.4
EPSS
0.8%
CVE-2024-32908 HIGH This Week

In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-32899 HIGH This Week

In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-32891 HIGH This Week

In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Buffer Overflow Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-35255 LIB MEDIUM PATCH MAL This Month

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Microsoft Authentication Library Azure Identity Sdk
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-28999 HIGH POC THREAT This Week

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Solarwinds Platform
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
13.9%
CVE-2024-36927 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in __ip_make_skb() KMSAN reported uninit-value access in __ip_make_skb() [1]. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-36899 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device. Rated high severity (CVSS 7.0).

Denial Of Service Race Condition Linux Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2024-36894 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel(). Rated medium severity (CVSS 5.6).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.6
EPSS
0.0%
CVE-2024-36028 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning. Rated medium severity (CVSS 4.7).

Code Injection Race Condition Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-36024 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Amd Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-35977 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before. Rated medium severity (CVSS 4.7).

Race Condition Google Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-35899 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release Similar to 2c9f0293280e ("netfilter: nf_tables: flush. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2024-35898 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-35848 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read. Rated medium severity (CVSS 4.7).

Buffer Overflow Race Condition Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-35809 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtime_idle() callback and the .remove(). Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux Debian Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-35798 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in read_extent_buffer_pages() There are reports from tree-checker that detects corrupted nodes, without any obvious. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-27419 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-27415 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs. Rated medium severity (CVSS 4.7).

Authentication Bypass Race Condition Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-27408 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-27404 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-32997 MEDIUM This Month

Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-32993 MEDIUM This Month

Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect availability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Race Condition Emui Harmonyos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-32985 MEDIUM This Month

Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Denial Of Service
NVD GitHub
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-27080 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-27062 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Canonical Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-27058 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attempting to remove dquot information from the. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.5%
CVE-2024-27030 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is. Rated medium severity (CVSS 6.3).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-27020 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2024-27019 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel Fedora
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-27009 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition during online processing A race condition exists in ccw_device_set_online() that can cause the online. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-27005 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and. Rated medium severity (CVSS 6.3).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-26984 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26960 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could run. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-33904 HIGH This Week

In plugins/HookSystem.cpp in Hyprland through 0.39.1 (before 28c8561), through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Race Condition
NVD GitHub
CVSS 3.1
7.0
EPSS
0.2%
CVE-2024-26923 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-3979 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Race Condition Information Disclosure
NVD GitHub VulDB
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-26910 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26897 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete The ath9k_wmi_event_tasklet() used in ath9k_htc assumes. Rated medium severity (CVSS 4.7).

Denial Of Service Race Condition Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-26878 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off. Rated medium severity (CVSS 4.7).

Denial Of Service Race Condition Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-26869 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gc_data_segment -. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26862 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Google Linux Linux Kernel +1
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26861 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receiving_counter.counter Syzkaller with KCSAN identified a data-race issue when. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-26859 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During. Rated medium severity (CVSS 4.7).

Denial Of Service Race Condition Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-26837 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26810 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2024-29863 HIGH This Week

A race condition in the installer executable in Qlik Qlikview before versions May 2022 SR3 (12.70.20300) and May 2023 SR2 (12,80.20200) may allow an existing lower privileged user to cause code to be. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-26779 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix race condition on enabling fast-xmit fast-xmit must only be enabled after the sta has been uploaded to the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Denial Of Service Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26708 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-26698 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove In commit ac5047671758 ("hv_netvsc: Disable NAPI before. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26671 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26307 MEDIUM This Month

Possible race condition vulnerability in Apache Doris. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Race Condition Information Disclosure Apache Doris
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-2193 MEDIUM This Month

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. Rated medium severity (CVSS 5.7). No vendor patch available.

RCE Race Condition
NVD
CVSS 3.1
5.7
EPSS
1.2%
CVE-2024-26617 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2024-23275 MEDIUM This Month

A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2024-23239 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure Ipad Os Iphone Os +3
NVD VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-23235 MEDIUM This Month

A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure Ipados Iphone Os +4
NVD VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2024-26578 Go MEDIUM PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Apache Answer
NVD
CVSS 3.1
5.9
EPSS
0.9%
CVE-2024-26585 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-26583 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-0041 HIGH PATCH This Week

In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. Rated high severity (CVSS 7.0).

Privilege Escalation Race Condition Android
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-24255 MEDIUM POC This Month

A Race Condition discovered in geofence.cpp and mission_feasibility_checker.cpp in PX4 Autopilot 1.14 and earlier allows attackers to send drones on unintended missions. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Px4 Drone Autopilot
NVD GitHub
CVSS 3.1
4.2
EPSS
0.3%
CVE-2024-24254 MEDIUM POC This Month

PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Px4 Drone Autopilot
NVD GitHub
CVSS 3.1
4.2
EPSS
0.4%
CVE-2024-24864 MEDIUM This Month

A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-24861 MEDIUM This Month

A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. Rated medium severity (CVSS 6.3). No vendor patch available.

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2024-24860 MEDIUM This Month

A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2024-24859 MEDIUM This Month

A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. Rated medium severity (CVSS 4.6). No vendor patch available.

Denial Of Service Race Condition Linux Linux Kernel
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2024-24858 MEDIUM This Month

A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. Rated medium severity (CVSS 4.6). No vendor patch available.

Denial Of Service Race Condition Linux Debian Linux Linux Kernel
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2024-24857 MEDIUM This Month

A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. Rated medium severity (CVSS 4.6). No vendor patch available.

Denial Of Service Race Condition Linux Debian Linux Linux Kernel
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2024-24855 MEDIUM This Month

A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. Rated medium severity (CVSS 5.0). No vendor patch available.

Denial Of Service Race Condition Linux Linux Kernel
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2024-23196 MEDIUM This Month

A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-22386 MEDIUM This Month

A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Samsung Linux Linux Kernel
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2024-20007 HIGH This Week

In mp3 decoder, there is a possible out of bounds write due to a race condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Buffer Overflow Race Condition Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-0605 HIGH This Week

Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Race Condition RCE Firefox Focus
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-21601 MEDIUM This Month

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper Junos
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2023-42832 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure macOS
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-49619 Go LOW PATCH Monitor

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.0. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Apache Race Condition Information Disclosure Answer
NVD
CVSS 3.1
3.1
EPSS
1.3%
EPSS 0% CVSS 8.2
HIGH This Week

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Race Condition Juniper Denial Of Service +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation RCE Race Condition +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In _UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation RCE Race Condition +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. Rated high severity (CVSS 7.0).

Privilege Escalation Buffer Overflow Race Condition +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: Fix races while restarting DMA After the frame is submitted to DMA, it may happen that the submitted list. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: m68k: Fix spinlock race in kernel thread creation Context switching does take care to retain the correct lock owner across the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Python Information Disclosure
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

In sec_media_protect of media.c, there is a possible permission bypass due to a race condition. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Race Condition Android
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Buffer Overflow Race Condition +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Microsoft +2
NVD
EPSS 14% CVSS 7.5
HIGH POC THREAT This Week

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Solarwinds Platform
NVD Exploit-DB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in __ip_make_skb() KMSAN reported uninit-value access in __ip_make_skb() [1]. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device. Rated high severity (CVSS 7.0).

Denial Of Service Race Condition Linux +1
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel(). Rated medium severity (CVSS 5.6).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning. Rated medium severity (CVSS 4.7).

Code Injection Race Condition Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Amd +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before. Rated medium severity (CVSS 4.7).

Race Condition Google Denial Of Service +2
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release Similar to 2c9f0293280e ("netfilter: nf_tables: flush. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read. Rated medium severity (CVSS 4.7).

Buffer Overflow Race Condition Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtime_idle() callback and the .remove(). Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in read_extent_buffer_pages() There are reports from tree-checker that detects corrupted nodes, without any obvious. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +2
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs. Rated medium severity (CVSS 4.7).

Authentication Bypass Race Condition Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Information Disclosure Emui +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect availability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Race Condition Emui +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Denial Of Service
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Canonical +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attempting to remove dquot information from the. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity.

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is. Rated medium severity (CVSS 6.3).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition during online processing A race condition exists in ccw_device_set_online() that can cause the online. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and. Rated medium severity (CVSS 6.3).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Denial Of Service Linux +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could run. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In plugins/HookSystem.cpp in Hyprland through 0.39.1 (before 28c8561), through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Race Condition
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Race Condition Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix performance regression in swap operation The patch "netfilter: ipset: fix race condition between swap/destroy. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete The ath9k_wmi_event_tasklet() used in ath9k_htc assumes. Rated medium severity (CVSS 4.7).

Denial Of Service Race Condition Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off. Rated medium severity (CVSS 4.7).

Denial Of Service Race Condition Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate meta inode pages forcely Below race case can cause data corruption: Thread A GC thread - gc_data_segment -. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Google +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receiving_counter.counter Syzkaller with KCSAN identified a data-race issue when. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During. Rated medium severity (CVSS 4.7).

Denial Of Service Race Condition Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A race condition in the installer executable in Qlik Qlikview before versions May 2022 SR3 (12.70.20300) and May 2023 SR2 (12,80.20200) may allow an existing lower privileged user to cause code to be. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition Information Disclosure Microsoft
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix race condition on enabling fast-xmit fast-xmit must only be enabled after the sta has been uploaded to the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Denial Of Service Linux +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove In commit ac5047671758 ("hv_netvsc: Disable NAPI before. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Possible race condition vulnerability in Apache Doris. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Race Condition Information Disclosure Apache +1
NVD
EPSS 1% CVSS 5.7
MEDIUM This Month

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. Rated medium severity (CVSS 5.7). No vendor patch available.

RCE Race Condition
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure +1
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure +5
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure +6
NVD VulDB
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Apache +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as. Rated medium severity (CVSS 4.7).

Race Condition Information Disclosure Linux +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. Rated high severity (CVSS 7.0).

Privilege Escalation Race Condition Android
NVD
EPSS 0% CVSS 4.2
MEDIUM POC This Month

A Race Condition discovered in geofence.cpp and mission_feasibility_checker.cpp in PX4 Autopilot 1.14 and earlier allows attackers to send drones on unintended missions. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Px4 Drone Autopilot
NVD GitHub
EPSS 0% CVSS 4.2
MEDIUM POC This Month

PX4 Autopilot 1.14 and earlier, due to the lack of synchronization mechanism for loading geofence data, has a Race Condition vulnerability in the geofence.cpp and mission_feasibility_checker.cpp. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Px4 Drone Autopilot
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. Rated medium severity (CVSS 6.3). No vendor patch available.

Race Condition Denial Of Service Linux +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. Rated medium severity (CVSS 4.6). No vendor patch available.

Denial Of Service Race Condition Linux +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. Rated medium severity (CVSS 4.6). No vendor patch available.

Denial Of Service Race Condition Linux +2
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. Rated medium severity (CVSS 4.6). No vendor patch available.

Denial Of Service Race Condition Linux +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. Rated medium severity (CVSS 5.0). No vendor patch available.

Denial Of Service Race Condition Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync() function. Rated medium severity (CVSS 4.7). No vendor patch available.

Race Condition Denial Of Service Linux +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Race Condition Samsung +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

In mp3 decoder, there is a possible out of bounds write due to a race condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Privilege Escalation Buffer Overflow Race Condition +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Race Condition RCE +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Juniper +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure +1
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.2.0. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Apache Race Condition Information Disclosure +1
NVD
Prev Page 10 of 21 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy