Skip to main content

Race Condition

1815 CVEs technique

Monthly

CVE-2025-43364 HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Race Condition Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2022-50518 HIGH PATCH This Week

A race condition vulnerability exists in the Linux kernel's parisc architecture-specific firmware call pdc_iodc_print() that allows local attackers to cause buffer overflows and potentially execute arbitrary code. The vulnerability affects Linux kernel versions from 2.6.25 through versions before the patched releases, requiring local access with low privileges to exploit. With an EPSS score of only 0.01%, this vulnerability has very low exploitation likelihood in the wild despite its high CVSS score of 7.8.

Linux Buffer Overflow Race Condition Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53615 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption.

Denial Of Service Race Condition Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53614 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode.

Race Condition Information Disclosure Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53581 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock.

Denial Of Service Race Condition Linux Canonical Red Hat +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-39941 MEDIUM POC PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: zram: fix slot write race condition Parallel concurrent writes to the same zram index result in leaked zsmalloc handles. Schematically we can have something like this: CPU0 CPU1 zram_slot_lock() zs_free(handle) zram_slot_lock() zram_slot_lock() zs_free(handle) zram_slot_lock() compress compress handle = zs_malloc() handle = zs_malloc() zram_slot_lock zram_set_handle(handle) zram_slot_lock zram_slot_lock zram_set_handle(handle) zram_slot_lock Either CPU0 or CPU1 zsmalloc handle will leak because zs_free() is done too early. In fact, we need to reset zram entry right before we set its new handle, all under the same slot lock scope.

Race Condition Information Disclosure Linux Linux Kernel Red Hat +1
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53520 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hci_suspend_sync crash If hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier may still be accessing it, it can cause the program to crash. Here's the call trace: <4>[102152.653246] Call Trace: <4>[102152.653254] hci_suspend_sync+0x109/0x301 [bluetooth] <4>[102152.653259] hci_suspend_dev+0x78/0xcd [bluetooth] <4>[102152.653263] hci_suspend_notifier+0x42/0x7a [bluetooth] <4>[102152.653268] notifier_call_chain+0x43/0x6b <4>[102152.653271] __blocking_notifier_call_chain+0x48/0x69 <4>[102152.653273] __pm_notifier_call_chain+0x22/0x39 <4>[102152.653276] pm_suspend+0x287/0x57c <4>[102152.653278] state_store+0xae/0xe5 <4>[102152.653281] kernfs_fop_write+0x109/0x173 <4>[102152.653284] __vfs_write+0x16f/0x1a2 <4>[102152.653287] ? selinux_file_permission+0xca/0x16f <4>[102152.653289] ? security_file_permission+0x36/0x109 <4>[102152.653291] vfs_write+0x114/0x21d <4>[102152.653293] __x64_sys_write+0x7b/0xdb <4>[102152.653296] do_syscall_64+0x59/0x194 <4>[102152.653299] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 This patch holds the reference count of the hci_dev object while processing it in hci_suspend_notifier to avoid potential crash caused by the race condition.

Denial Of Service Linux Race Condition
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53490 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b ("mptcp: fix possible divide by zero in recvmsg()"), the mptcp protocol is still prone to a race between disconnect() (or shutdown) and accept. The root cause is that the mentioned commit checks the msk-level flag, but mptcp_stream_accept() does acquire the msk-level lock, as it can rely directly on the first subflow lock. As reported by Christoph than can lead to a race where an msk socket is accepted after that mptcp_subflow_queue_clean() releases the listener socket lock and just before it takes destructive actions leading to the following splat: BUG: kernel NULL pointer dereference, address: 0000000000000012 PGD 5a4ca067 P4D 5a4ca067 PUD 37d4c067 PMD 0 Oops: 0000 [#1] PREEMPT SMP CPU: 2 PID: 10955 Comm: syz-executor.5 Not tainted 6.5.0-rc1-gdc7b257ee5dd #37 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014 RIP: 0010:mptcp_stream_accept+0x1ee/0x2f0 include/net/inet_sock.h:330 Code: 0a 09 00 48 8b 1b 4c 39 e3 74 07 e8 bc 7c 7f fe eb a1 e8 b5 7c 7f fe 4c 8b 6c 24 08 eb 05 e8 a9 7c 7f fe 49 8b 85 d8 09 00 00 <0f> b6 40 12 88 44 24 07 0f b6 6c 24 07 bf 07 00 00 00 89 ee e8 89 RSP: 0018:ffffc90000d07dc0 EFLAGS: 00010293 RAX: 0000000000000000 RBX: ffff888037e8d020 RCX: ffff88803b093300 RDX: 0000000000000000 RSI: ffffffff833822c5 RDI: ffffffff8333896a RBP: 0000607f82031520 R08: ffff88803b093300 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000003e83 R12: ffff888037e8d020 R13: ffff888037e8c680 R14: ffff888009af7900 R15: ffff888009af6880 FS: 00007fc26d708640(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000012 CR3: 0000000066bc5001 CR4: 0000000000370ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> do_accept+0x1ae/0x260 net/socket.c:1872 __sys_accept4+0x9b/0x110 net/socket.c:1913 __do_sys_accept4 net/socket.c:1954 [inline] __se_sys_accept4 net/socket.c:1951 [inline] __x64_sys_accept4+0x20/0x30 net/socket.c:1951 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x47/0xa0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 Address the issue by temporary removing the pending request socket from the accept queue, so that racing accept() can't touch them. After depleting the msk - the ssk still exists, as plain TCP sockets, re-insert them into the accept queue, so that later inet_csk_listen_stop() will complete the tcp socket disposal.

Denial Of Service Linux Race Condition Ubuntu Debian +3
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53478 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tracing/synthetic: Fix races on freeing last_cmd Currently, the "last_cmd" variable can be accessed by multiple processes asynchronously when multiple users manipulate synthetic_events node at the same time, it could lead to use-after-free or double-free. This patch add "lastcmd_mutex" to prevent "last_cmd" from being accessed asynchronously. ================================================================ It's easy to reproduce in the KASAN environment by running the two scripts below in different shells. script 1: while : do echo -n -e '\x88' > /sys/kernel/tracing/synthetic_events done script 2: while : do echo -n -e '\xb0' > /sys/kernel/tracing/synthetic_events done ================================================================ double-free scenario: process A process B ------------------- --------------- 1.kstrdup last_cmd 2.free last_cmd 3.free last_cmd(double-free) ================================================================ use-after-free scenario: process A process B ------------------- --------------- 1.kstrdup last_cmd 2.free last_cmd 3.tracing_log_err(use-after-free) ================================================================ Appendix 1. KASAN report double-free: BUG: KASAN: double-free in kfree+0xdc/0x1d4 Free of addr ***** by task sh/4879 Call trace: ... kfree+0xdc/0x1d4 create_or_delete_synth_event+0x60/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Allocated by task 4879: ... kstrdup+0x5c/0x98 create_or_delete_synth_event+0x6c/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Freed by task 5464: ... kfree+0xdc/0x1d4 create_or_delete_synth_event+0x60/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... ================================================================ Appendix 2. KASAN report use-after-free: BUG: KASAN: use-after-free in strlen+0x5c/0x7c Read of size 1 at addr ***** by task sh/5483 sh: CPU: 7 PID: 5483 Comm: sh ... __asan_report_load1_noabort+0x34/0x44 strlen+0x5c/0x7c tracing_log_err+0x60/0x444 create_or_delete_synth_event+0xc4/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Allocated by task 5483: ... kstrdup+0x5c/0x98 create_or_delete_synth_event+0x80/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Freed by task 5480: ... kfree+0xdc/0x1d4 create_or_delete_synth_event+0x74/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ...

Information Disclosure Linux Race Condition Ubuntu Debian +3
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53452 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napi_init and napi_enable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that will enable NAPI. Then, it hits BUG_ON(): kernel BUG at net/core/dev.c:6423! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 417 Comm: iwd Not tainted 6.2.7-slab-dirty #3 eb0f5a8a9d91 Hardware name: LENOVO 21DL/LNVNB161216, BIOS JPCN20WW(V1.06) 09/20/2022 RIP: 0010:napi_enable+0x3f/0x50 Code: 48 89 c2 48 83 e2 f6 f6 81 89 08 00 00 02 74 0d 48 83 ... RSP: 0018:ffffada1414f3548 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffa01425802080 RCX: 0000000000000000 RDX: 00000000000002ff RSI: ffffada14e50c614 RDI: ffffa01425808dc0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000100 R12: ffffa01425808f58 R13: 0000000000000000 R14: ffffa01423498940 R15: 0000000000000001 FS: 00007f5577c0a740(0000) GS:ffffa0169fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f5577a19972 CR3: 0000000125a7a000 CR4: 0000000000750ef0 PKRU: 55555554 Call Trace: <TASK> rtw89_pci_ops_start+0x1c/0x70 [rtw89_pci 6cbc75429515c181cbc386478d5cfb32ffc5a0f8] rtw89_core_start+0xbe/0x160 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22] rtw89_ops_start+0x26/0x40 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22] drv_start+0x42/0x100 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] ieee80211_do_open+0x311/0x7d0 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] ieee80211_open+0x6a/0x90 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] __dev_open+0xe0/0x180 __dev_change_flags+0x1da/0x250 dev_change_flags+0x26/0x70 do_setlink+0x37c/0x12c0 ? ep_poll_callback+0x246/0x290 ? __nla_validate_parse+0x61/0xd00 ? __wake_up_common_lock+0x8f/0xd0 To fix this, follow Jonas' suggestion to switch the order of these functions and move register netdev to be the last step of PCI probe. Also, correct the error handling of rtw89_core_register_hw().

Information Disclosure Linux Race Condition Ubuntu Debian +3
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-39927 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent operations (e.g. rename) cause r_parent to become stale between request initiation and reply processing, which could lead to applying state changes to incorrect directory inodes. [ idryomov: folded a kerneldoc fixup and a follow-up fix from Alex to move CEPH_CAP_PIN reference when r_parent is updated: When the parent directory lock is not held, req->r_parent can become stale and is updated to point to the correct inode. However, the associated CEPH_CAP_PIN reference was not being adjusted. The CEPH_CAP_PIN is a reference on an inode that is tracked for accounting purposes. Moving this pin is important to keep the accounting balanced. When the pin was not moved from the old parent to the new one, it created two problems: The reference on the old, stale parent was never released, causing a reference leak. A reference for the new parent was never acquired, creating the risk of a reference underflow later in ceph_mdsc_release_request(). This patch corrects the logic by releasing the pin from the old parent and acquiring it for the new parent when r_parent is switched. This ensures reference accounting stays balanced. ]

Information Disclosure Linux Race Condition Ubuntu Debian +3
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-39905 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver Currently phylink_resolve() protects itself against concurrent phylink_bringup_phy() or phylink_disconnect_phy() calls which modify pl->phydev by relying on pl->state_mutex. The problem is that in phylink_resolve(), pl->state_mutex is in a lock inversion state with pl->phydev->lock. So pl->phydev->lock needs to be acquired prior to pl->state_mutex. But that requires dereferencing pl->phydev in the first place, and without pl->state_mutex, that is racy. Hence the reason for the extra lock. Currently it is redundant, but it will serve a functional purpose once mutex_lock(&phy->lock) will be moved outside of the mutex_lock(&pl->state_mutex) section. Another alternative considered would have been to let phylink_resolve() acquire the rtnl_mutex, which is also held when phylink_bringup_phy() and phylink_disconnect_phy() are called. But since phylink_disconnect_phy() runs under rtnl_lock(), it would deadlock with phylink_resolve() when calling flush_work(&pl->resolve). Additionally, it would have been undesirable because it would have unnecessarily blocked many other call paths as well in the entire kernel, so the smaller-scoped lock was preferred.

Information Disclosure Linux Race Condition Ubuntu Debian +3
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-61792 MEDIUM This Month

Quadient DS-700 iQ devices through 2025-09-30 might have a race condition during the quick clicking of (in order) the Question Mark button, the Help Button, the About button, and the Help Button,. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Race Condition
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-55191 Go MEDIUM PATCH This Month

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kubernetes Race Condition Argo Cd Red Hat +1
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-59577 MEDIUM This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Stylemix MasterStudy LMS allows Leveraging Race Conditions.6.20. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Race Condition
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-10778 LOW Monitor

A vulnerability has been found in Smartstore up to 6.2.0. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-59220 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 21h2 Windows 10 22h2 +7
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-59216 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 11 24h2 Windows Server 2025
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2023-53447 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fs_remount() syzbot reports a bug as below: general protection fault, probably for. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Canonical Race Condition Linux Kernel +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2022-50379 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfs_quota_enable(), after committing the. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53368 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rb_end_commit() at code: if (RB_WARN_ON(cpu_buffer,. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53345 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpc_wait_to_be_connected() Inside the loop in rxrpc_wait_to_be_connected() it checks. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2022-50373 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _dlm_lowcomms_commit_msg() and srcu_read_unlock(). Rated medium severity (CVSS 4.7).

Authentication Bypass Linux Red Hat Race Condition Linux Kernel +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-59455 MEDIUM Monitor

In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Race Condition Teamcity
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2023-53329 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq->stats[] increment KCSAN has discovered a data race in kernel/workqueue.c:2598: [. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53310 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288_fuel_gauge: Fix external_power_changed race fuel_gauge_external_power_changed() dereferences info->bat, which. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2022-50350 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between login_work and the login thread In case a malicious initiator sends some random. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2022-50339 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev() syzbot is again reporting attempt to cancel uninitialized work at. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-39825 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename(2) Besides sending the rename request to the server, the rename process also. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-39813 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-43304 HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0). No vendor patch available.

Apple Information Disclosure Race Condition
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-43292 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Race Condition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53204 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-races around user->unix_inflight. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53188 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output assume the following setup on a single machine: 1. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53186 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 ("skbuff: fix coalescing for page_pool fragment. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53178 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption,. Rated medium severity (CVSS 4.7).

Linux Buffer Overflow Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53166 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: power: supply: bq25890: Fix external_power_changed race bq25890_charger_external_power_changed() dereferences bq->charger, which. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Lenovo Race Condition Linux Kernel +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2022-50259 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sock_map_free() sock_map_free() calls release_sock(sk) without owning a reference on the socket. Rated medium severity (CVSS 4.7).

Linux Google Information Disclosure Race Condition Linux Kernel +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-39759 HIGH PATCH CISA This Week

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix race between quota disable and quota rescan ioctl There's a race between a task disabling quotas and another. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-39754 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smaps_hugetlb_range and migration smaps_hugetlb_range() handles the pte without holdling ptl, and may be. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-58145 HIGH PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Xen Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-59052 npm HIGH PATCH This Month

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Red Hat
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-10216 LOW Monitor

A vulnerability was detected in GrandNode up to 2.3.0. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition
NVD VulDB
CVSS 4.0
1.2
EPSS
0.0%
CVE-2025-55228 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 21h2 Windows 10 22h2 +7
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-55226 MEDIUM This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Information Disclosure Race Condition Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-55224 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-55223 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Windows 10 1809 Windows 10 21h2 Windows 10 22h2 +8
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-54919 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-54913 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows UI XAML Maps MapControlSettings allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-54115 HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2025-54114 HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1607 Windows 10 21h2 +9
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-54108 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Windows 11 24h2 Windows Server 2025 Microsoft
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-54105 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 11 24h2 Windows Server 2022 23h2 +1
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-54092 HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1809 Windows 10 21h2 +9
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-53807 HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-39726 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: s390/ism: fix concurrency management in ism_cmd() The s390x ISM device data sheet clearly states that only one request-response. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-39697 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write After nfs_lock_and_join_requests() tests for whether the request is still attached. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-39673 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in ppp_fill_forward_path ppp_fill_forward_path() has two race conditions: 1. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-58313 MEDIUM This Month

Race condition vulnerability in the device standby module. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Race Condition Harmonyos
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-58296 HIGH This Month

Race condition vulnerability in the audio module. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Race Condition Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-48548 HIGH PATCH This Week

In multiple functions of AppOpsControllerImpl.java, there is a possible way to record audio without displaying the privacy indicator due to a race condition. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Race Condition Android Google
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-48533 HIGH This Week

In multiple locations, there is a possible way to use apps linked from a context menu of a lockscreen app due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android Google
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-38717 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach() syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-38687 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: comedi: fix race between polling and detaching syzbot reports a use-after-free in comedi in the below link, which is due to comedi. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-38681 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove unmaps and tears down various kernel page table. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Debian Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-23259 MEDIUM PATCH This Month

NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD), where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Information Disclosure Nvidia Race Condition Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-22442 HIGH This Week

In multiple functions of DevicePolicyManagerService.java, there is a possible way to install unauthorized applications into a newly created work profile due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android Google
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-38675 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-38643 MEDIUM PATCH This Month

A missing lock protection in the Linux kernel's cfg80211 wireless configuration subsystem causes a race condition when the cfg80211_propagate_cac_done_wk worker function attempts to access wireless device channel definitions without holding the required wiphy mutex. This allows a local attacker with limited privileges to trigger a kernel warning and cause a denial of service condition. The vulnerability affects Linux kernel versions from 5.5 onwards across multiple stable releases, with patches available from the vendor and deployed via Ubuntu security advisories USN-8095-2, USN-8095-3, and USN-8100-1. The EPSS score of 0.02% indicates very low actual exploitation probability despite the moderate CVSS score.

Linux Race Condition Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38632 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: pinmux: fix race causing mux_owner NULL with active mux_usecount commit 5a3e85c3c397 ("pinmux: Use sequential access to access. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-38617 MEDIUM PATCH This Month

A race condition exists in the Linux kernel's packet socket implementation between the packet_set_ring() and packet_notifier() functions, where a temporary lock release allows a NETDEV_UP event to be processed while the socket is in an inconsistent state. This vulnerability affects all Linux kernel versions from 2.6.12 onwards and requires local privilege (non-root user) with moderately high attack complexity to exploit, resulting in a denial of service through resource exhaustion or system crash. The EPSS score of 0.01% indicates extremely low real-world exploitation probability despite the availability of patches and detailed technical analysis from Google security research.

Linux Race Condition Debian Linux Linux Kernel Red Hat +1
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-55231 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Race Condition Windows Server 2012 Windows Server 2016 +4
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-38567 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in nfsd_open_local_fh() If two calls to nfsd_open_local_fh() race and both successfully call. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-38561 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Debian Linux +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-38524 MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event (such as incoming data), the call gets placed on the. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition Linux Kernel Red Hat +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-8880 HIGH PATCH This Month

Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Google Race Condition Chrome Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-53135 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-53132 HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-50177 HIGH CERT-EU This Week

Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Microsoft Race Condition Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-50169 HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Race Condition Windows 11 24h2 Windows Server 2025 +1
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-50167 HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-49762 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-49743 MEDIUM This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2025-22830 HIGH This Month

APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Race Condition Aptio V
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2025-27577 HIGH This Month

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Race Condition Openharmony
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-25278 HIGH This Month

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Race Condition Openharmony
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-47907 Go HIGH PATCH This Month

Cancelling a query (e.g. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Race Condition Go Red Hat Suse
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-7954 PHP MEDIUM POC This Month

A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Race Condition Shopware
NVD GitHub
CVSS 4.0
6.0
EPSS
0.1%
CVE-2025-54651 MEDIUM This Month

Race condition vulnerability in the kernel hufs module. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Harmonyos
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-54629 MEDIUM This Month

Race condition issue occurring in the physical page import process of the memory management module. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Emui Harmonyos
NVD
CVSS 3.1
6.7
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Race Condition Information Disclosure
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A race condition vulnerability exists in the Linux kernel's parisc architecture-specific firmware call pdc_iodc_print() that allows local attackers to cause buffer overflows and potentially execute arbitrary code. The vulnerability affects Linux kernel versions from 2.6.25 through versions before the patched releases, requiring local access with low privileges to exploit. With an EPSS score of only 0.01%, this vulnerability has very low exploitation likelihood in the wild despite its high CVSS score of 7.8.

Linux Buffer Overflow Race Condition +3
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption.

Denial Of Service Race Condition Linux +3
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode.

Race Condition Information Disclosure Linux +3
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock.

Denial Of Service Race Condition Linux +4
NVD
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: zram: fix slot write race condition Parallel concurrent writes to the same zram index result in leaked zsmalloc handles. Schematically we can have something like this: CPU0 CPU1 zram_slot_lock() zs_free(handle) zram_slot_lock() zram_slot_lock() zs_free(handle) zram_slot_lock() compress compress handle = zs_malloc() handle = zs_malloc() zram_slot_lock zram_set_handle(handle) zram_slot_lock zram_slot_lock zram_set_handle(handle) zram_slot_lock Either CPU0 or CPU1 zsmalloc handle will leak because zs_free() is done too early. In fact, we need to reset zram entry right before we set its new handle, all under the same slot lock scope.

Race Condition Information Disclosure Linux +3
NVD GitHub VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hci_suspend_sync crash If hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier may still be accessing it, it can cause the program to crash. Here's the call trace: <4>[102152.653246] Call Trace: <4>[102152.653254] hci_suspend_sync+0x109/0x301 [bluetooth] <4>[102152.653259] hci_suspend_dev+0x78/0xcd [bluetooth] <4>[102152.653263] hci_suspend_notifier+0x42/0x7a [bluetooth] <4>[102152.653268] notifier_call_chain+0x43/0x6b <4>[102152.653271] __blocking_notifier_call_chain+0x48/0x69 <4>[102152.653273] __pm_notifier_call_chain+0x22/0x39 <4>[102152.653276] pm_suspend+0x287/0x57c <4>[102152.653278] state_store+0xae/0xe5 <4>[102152.653281] kernfs_fop_write+0x109/0x173 <4>[102152.653284] __vfs_write+0x16f/0x1a2 <4>[102152.653287] ? selinux_file_permission+0xca/0x16f <4>[102152.653289] ? security_file_permission+0x36/0x109 <4>[102152.653291] vfs_write+0x114/0x21d <4>[102152.653293] __x64_sys_write+0x7b/0xdb <4>[102152.653296] do_syscall_64+0x59/0x194 <4>[102152.653299] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 This patch holds the reference count of the hci_dev object while processing it in hci_suspend_notifier to avoid potential crash caused by the race condition.

Denial Of Service Linux Race Condition
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b ("mptcp: fix possible divide by zero in recvmsg()"), the mptcp protocol is still prone to a race between disconnect() (or shutdown) and accept. The root cause is that the mentioned commit checks the msk-level flag, but mptcp_stream_accept() does acquire the msk-level lock, as it can rely directly on the first subflow lock. As reported by Christoph than can lead to a race where an msk socket is accepted after that mptcp_subflow_queue_clean() releases the listener socket lock and just before it takes destructive actions leading to the following splat: BUG: kernel NULL pointer dereference, address: 0000000000000012 PGD 5a4ca067 P4D 5a4ca067 PUD 37d4c067 PMD 0 Oops: 0000 [#1] PREEMPT SMP CPU: 2 PID: 10955 Comm: syz-executor.5 Not tainted 6.5.0-rc1-gdc7b257ee5dd #37 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014 RIP: 0010:mptcp_stream_accept+0x1ee/0x2f0 include/net/inet_sock.h:330 Code: 0a 09 00 48 8b 1b 4c 39 e3 74 07 e8 bc 7c 7f fe eb a1 e8 b5 7c 7f fe 4c 8b 6c 24 08 eb 05 e8 a9 7c 7f fe 49 8b 85 d8 09 00 00 <0f> b6 40 12 88 44 24 07 0f b6 6c 24 07 bf 07 00 00 00 89 ee e8 89 RSP: 0018:ffffc90000d07dc0 EFLAGS: 00010293 RAX: 0000000000000000 RBX: ffff888037e8d020 RCX: ffff88803b093300 RDX: 0000000000000000 RSI: ffffffff833822c5 RDI: ffffffff8333896a RBP: 0000607f82031520 R08: ffff88803b093300 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000003e83 R12: ffff888037e8d020 R13: ffff888037e8c680 R14: ffff888009af7900 R15: ffff888009af6880 FS: 00007fc26d708640(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000012 CR3: 0000000066bc5001 CR4: 0000000000370ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> do_accept+0x1ae/0x260 net/socket.c:1872 __sys_accept4+0x9b/0x110 net/socket.c:1913 __do_sys_accept4 net/socket.c:1954 [inline] __se_sys_accept4 net/socket.c:1951 [inline] __x64_sys_accept4+0x20/0x30 net/socket.c:1951 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x47/0xa0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 Address the issue by temporary removing the pending request socket from the accept queue, so that racing accept() can't touch them. After depleting the msk - the ssk still exists, as plain TCP sockets, re-insert them into the accept queue, so that later inet_csk_listen_stop() will complete the tcp socket disposal.

Denial Of Service Linux Race Condition +5
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tracing/synthetic: Fix races on freeing last_cmd Currently, the "last_cmd" variable can be accessed by multiple processes asynchronously when multiple users manipulate synthetic_events node at the same time, it could lead to use-after-free or double-free. This patch add "lastcmd_mutex" to prevent "last_cmd" from being accessed asynchronously. ================================================================ It's easy to reproduce in the KASAN environment by running the two scripts below in different shells. script 1: while : do echo -n -e '\x88' > /sys/kernel/tracing/synthetic_events done script 2: while : do echo -n -e '\xb0' > /sys/kernel/tracing/synthetic_events done ================================================================ double-free scenario: process A process B ------------------- --------------- 1.kstrdup last_cmd 2.free last_cmd 3.free last_cmd(double-free) ================================================================ use-after-free scenario: process A process B ------------------- --------------- 1.kstrdup last_cmd 2.free last_cmd 3.tracing_log_err(use-after-free) ================================================================ Appendix 1. KASAN report double-free: BUG: KASAN: double-free in kfree+0xdc/0x1d4 Free of addr ***** by task sh/4879 Call trace: ... kfree+0xdc/0x1d4 create_or_delete_synth_event+0x60/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Allocated by task 4879: ... kstrdup+0x5c/0x98 create_or_delete_synth_event+0x6c/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Freed by task 5464: ... kfree+0xdc/0x1d4 create_or_delete_synth_event+0x60/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... ================================================================ Appendix 2. KASAN report use-after-free: BUG: KASAN: use-after-free in strlen+0x5c/0x7c Read of size 1 at addr ***** by task sh/5483 sh: CPU: 7 PID: 5483 Comm: sh ... __asan_report_load1_noabort+0x34/0x44 strlen+0x5c/0x7c tracing_log_err+0x60/0x444 create_or_delete_synth_event+0xc4/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Allocated by task 5483: ... kstrdup+0x5c/0x98 create_or_delete_synth_event+0x80/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ... Freed by task 5480: ... kfree+0xdc/0x1d4 create_or_delete_synth_event+0x74/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 ...

Information Disclosure Linux Race Condition +5
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napi_init and napi_enable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that will enable NAPI. Then, it hits BUG_ON(): kernel BUG at net/core/dev.c:6423! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 417 Comm: iwd Not tainted 6.2.7-slab-dirty #3 eb0f5a8a9d91 Hardware name: LENOVO 21DL/LNVNB161216, BIOS JPCN20WW(V1.06) 09/20/2022 RIP: 0010:napi_enable+0x3f/0x50 Code: 48 89 c2 48 83 e2 f6 f6 81 89 08 00 00 02 74 0d 48 83 ... RSP: 0018:ffffada1414f3548 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffa01425802080 RCX: 0000000000000000 RDX: 00000000000002ff RSI: ffffada14e50c614 RDI: ffffa01425808dc0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000100 R12: ffffa01425808f58 R13: 0000000000000000 R14: ffffa01423498940 R15: 0000000000000001 FS: 00007f5577c0a740(0000) GS:ffffa0169fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f5577a19972 CR3: 0000000125a7a000 CR4: 0000000000750ef0 PKRU: 55555554 Call Trace: <TASK> rtw89_pci_ops_start+0x1c/0x70 [rtw89_pci 6cbc75429515c181cbc386478d5cfb32ffc5a0f8] rtw89_core_start+0xbe/0x160 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22] rtw89_ops_start+0x26/0x40 [rtw89_core fe07ecb874820b6d778370d4acb6ef8a37847f22] drv_start+0x42/0x100 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] ieee80211_do_open+0x311/0x7d0 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] ieee80211_open+0x6a/0x90 [mac80211 c07fa22af8c3cf3f7d7ab3884ca990784d72e2d2] __dev_open+0xe0/0x180 __dev_change_flags+0x1da/0x250 dev_change_flags+0x26/0x70 do_setlink+0x37c/0x12c0 ? ep_poll_callback+0x246/0x290 ? __nla_validate_parse+0x61/0xd00 ? __wake_up_common_lock+0x8f/0xd0 To fix this, follow Jonas' suggestion to switch the order of these functions and move register netdev to be the last step of PCI probe. Also, correct the error handling of rtw89_core_register_hw().

Information Disclosure Linux Race Condition +5
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent operations (e.g. rename) cause r_parent to become stale between request initiation and reply processing, which could lead to applying state changes to incorrect directory inodes. [ idryomov: folded a kerneldoc fixup and a follow-up fix from Alex to move CEPH_CAP_PIN reference when r_parent is updated: When the parent directory lock is not held, req->r_parent can become stale and is updated to point to the correct inode. However, the associated CEPH_CAP_PIN reference was not being adjusted. The CEPH_CAP_PIN is a reference on an inode that is tracked for accounting purposes. Moving this pin is important to keep the accounting balanced. When the pin was not moved from the old parent to the new one, it created two problems: The reference on the old, stale parent was never released, causing a reference leak. A reference for the new parent was never acquired, creating the risk of a reference underflow later in ceph_mdsc_release_request(). This patch corrects the logic by releasing the pin from the old parent and acquiring it for the new parent when r_parent is switched. This ensures reference accounting stays balanced. ]

Information Disclosure Linux Race Condition +5
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver Currently phylink_resolve() protects itself against concurrent phylink_bringup_phy() or phylink_disconnect_phy() calls which modify pl->phydev by relying on pl->state_mutex. The problem is that in phylink_resolve(), pl->state_mutex is in a lock inversion state with pl->phydev->lock. So pl->phydev->lock needs to be acquired prior to pl->state_mutex. But that requires dereferencing pl->phydev in the first place, and without pl->state_mutex, that is racy. Hence the reason for the extra lock. Currently it is redundant, but it will serve a functional purpose once mutex_lock(&phy->lock) will be moved outside of the mutex_lock(&pl->state_mutex) section. Another alternative considered would have been to let phylink_resolve() acquire the rtnl_mutex, which is also held when phylink_bringup_phy() and phylink_disconnect_phy() are called. But since phylink_disconnect_phy() runs under rtnl_lock(), it would deadlock with phylink_resolve() when calling flush_work(&pl->resolve). Additionally, it would have been undesirable because it would have unnecessarily blocked many other call paths as well in the entire kernel, so the smaller-scoped lock was preferred.

Information Disclosure Linux Race Condition +5
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

Quadient DS-700 iQ devices through 2025-09-30 might have a race condition during the quick clicking of (in order) the Question Mark button, the Help Button, the About button, and the Help Button,. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Race Condition
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Kubernetes Race Condition +3
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM This Month

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Stylemix MasterStudy LMS allows Leveraging Race Conditions.6.20. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Race Condition
NVD
EPSS 0% CVSS 2.3
LOW Monitor

A vulnerability has been found in Smartstore up to 6.2.0. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition
NVD VulDB
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +9
NVD
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fs_remount() syzbot reports a bug as below: general protection fault, probably for. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Canonical +4
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfs_quota_enable(), after committing the. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rb_end_commit() at code: if (RB_WARN_ON(cpu_buffer,. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpc_wait_to_be_connected() Inside the loop in rxrpc_wait_to_be_connected() it checks. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _dlm_lowcomms_commit_msg() and srcu_read_unlock(). Rated medium severity (CVSS 4.7).

Authentication Bypass Linux Red Hat +3
NVD
EPSS 0% CVSS 4.2
MEDIUM Monitor

In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Race Condition Teamcity
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq->stats[] increment KCSAN has discovered a data race in kernel/workqueue.c:2598: [. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288_fuel_gauge: Fix external_power_changed race fuel_gauge_external_power_changed() dereferences info->bat, which. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between login_work and the login thread In case a malicious initiator sends some random. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev() syzbot is again reporting attempt to cancel uninitialized work at. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename(2) Besides sending the rename request to the server, the rename process also. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition was addressed with improved state handling. Rated high severity (CVSS 7.0). No vendor patch available.

Apple Information Disclosure Race Condition
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Race Condition
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-races around user->unix_inflight. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output assume the following setup on a single machine: 1. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 ("skbuff: fix coalescing for page_pool fragment. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition resulting in memory corruption,. Rated medium severity (CVSS 4.7).

Linux Buffer Overflow Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: power: supply: bq25890: Fix external_power_changed race bq25890_charger_external_power_changed() dereferences bq->charger, which. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Lenovo +4
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sock_map_free() sock_map_free() calls release_sock(sk) without owning a reference on the socket. Rated medium severity (CVSS 4.7).

Linux Google Information Disclosure +4
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix race between quota disable and quota rescan ioctl There's a race between a task disabling quotas and another. Rated high severity (CVSS 7.0).

Linux Information Disclosure Race Condition
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smaps_hugetlb_range and migration smaps_hugetlb_range() handles the pte without holdling ptl, and may be. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Month

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Race Condition Red Hat
NVD GitHub
EPSS 0% CVSS 1.2
LOW Monitor

A vulnerability was detected in GrandNode up to 2.3.0. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Race Condition
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Microsoft Race Condition +9
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Information Disclosure Race Condition Windows 10 1507 +15
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Microsoft Race Condition +11
NVD
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Windows 10 1809 +10
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Microsoft Race Condition +11
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows UI XAML Maps MapControlSettings allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8). No vendor patch available.

Information Disclosure Microsoft Race Condition +14
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +11
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +11
NVD
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Windows 11 24h2 +2
NVD
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Race Condition +11
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +10
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: s390/ism: fix concurrency management in ism_cmd() The s390x ISM device data sheet clearly states that only one request-response. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write After nfs_lock_and_join_requests() tests for whether the request is still attached. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in ppp_fill_forward_path ppp_fill_forward_path() has two race conditions: 1. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Race condition vulnerability in the device standby module. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Race Condition Harmonyos
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Race condition vulnerability in the audio module. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Race Condition Harmonyos
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

In multiple functions of AppOpsControllerImpl.java, there is a possible way to record audio without displaying the privacy indicator due to a race condition. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Privilege Escalation Race Condition Android +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In multiple locations, there is a possible way to use apps linked from a context menu of a lockscreen app due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach() syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: comedi: fix race between polling and detaching syzbot reports a use-after-free in comedi in the below link, which is due to comedi. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove unmaps and tears down various kernel page table. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD), where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Information Disclosure Nvidia +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

In multiple functions of DevicePolicyManagerService.java, there is a possible way to install unauthorized applications into a newly created work profile due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Race Condition Android +1
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A missing lock protection in the Linux kernel's cfg80211 wireless configuration subsystem causes a race condition when the cfg80211_propagate_cac_done_wk worker function attempts to access wireless device channel definitions without holding the required wiphy mutex. This allows a local attacker with limited privileges to trigger a kernel warning and cause a denial of service condition. The vulnerability affects Linux kernel versions from 5.5 onwards across multiple stable releases, with patches available from the vendor and deployed via Ubuntu security advisories USN-8095-2, USN-8095-3, and USN-8100-1. The EPSS score of 0.02% indicates very low actual exploitation probability despite the moderate CVSS score.

Linux Race Condition Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: pinmux: fix race causing mux_owner NULL with active mux_usecount commit 5a3e85c3c397 ("pinmux: Use sequential access to access. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Race Condition +3
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A race condition exists in the Linux kernel's packet socket implementation between the packet_set_ring() and packet_notifier() functions, where a temporary lock release allows a NETDEV_UP event to be processed while the socket is in an inconsistent state. This vulnerability affects all Linux kernel versions from 2.6.12 onwards and requires local privilege (non-root user) with moderately high attack complexity to exploit, resulting in a denial of service through resource exhaustion or system crash. The EPSS score of 0.01% indicates extremely low real-world exploitation probability despite the availability of patches and detailed technical analysis from Google security research.

Linux Race Condition Debian Linux +3
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Race Condition +6
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in nfsd_open_local_fh() If two calls to nfsd_open_local_fh() race and both successfully call. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +4
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event (such as incoming data), the call gets placed on the. Rated medium severity (CVSS 4.7).

Linux Information Disclosure Race Condition +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Month

Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Google Race Condition +2
NVD
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +15
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Race Condition +16
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Microsoft Race Condition +16
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an unauthorized attacker to execute code over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Race Condition +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +15
NVD
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +16
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Information Disclosure Microsoft Race Condition +15
NVD
EPSS 0% CVSS 7.3
HIGH This Month

APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Race Condition Aptio V
NVD
EPSS 0% CVSS 8.4
HIGH This Month

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Race Condition Openharmony
NVD
EPSS 0% CVSS 8.4
HIGH This Month

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Race Condition Openharmony
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Month

Cancelling a query (e.g. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Race Condition Go +2
NVD
EPSS 0% CVSS 6.0
MEDIUM POC This Month

A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Race Condition Shopware
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM This Month

Race condition vulnerability in the kernel hufs module. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Harmonyos
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Race condition issue occurring in the physical page import process of the memory management module. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Emui +1
NVD
Prev Page 6 of 21 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy