moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.

🗓️ 13 Dec 2024 08:00:00Reported by MicrosoftType

Race condition in streamformatter package in moby up to version 25.0.3 causes concurrent writes, data corruption, or crashes.

Reporter	Title	Published	Views	Family All 108
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	30 Sep 202516:56	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data	4 Mar 202615:08	–	ibm
IBM Security Bulletins	Security Bulletin: Moby Multiple Concurrency and NULL Pointer Dereference Vulnerabilities Leading to DoS and Data Corruption, affects watsonx.data	5 Dec 202505:21	–	ibm
Tenable Nessus	Amazon Linux 2 : docker (ALASDOCKER-2024-040)	1 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : docker (ALASECS-2024-042)	5 Sep 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2024-041)	31 Jul 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: docker-cli / moby-cli / moby-compose / moby-engine (CVE-2024-36623)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2025-1134)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2025-1153)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2025-1171)	10 Feb 202500:00	–	nessus