346 matches found
kernel: net/sched: flower: fix filter idr initialization
A flaw was found in the Linux kernel’s networking traffic control flower classifier. The initialization of the filter IDR was moved too early in the flchange path, allowing concurrent access by multiple users while the structure was still in an inconsistent state. Under certain conditions, this...
The vulnerability of the pfn_swap_entry_to_page() function in the include/linux/swapops.h module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the pfnswapentrytopage function in the include/linux/swapops.h module of the Linux kernel is related to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause a service failure...
The vulnerability of the __ip_set_put_netlink() function in the net/netfilter/ipset/ip_set_core.c module of the netfilter kernel of the Linux operating system allows a hacker to induce a service failure.
The vulnerability of the ipsetputnetlink function in the net/netfilter/ipset/ipsetcore.c module of the netfilter component of the Linux operating system is related to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause service interruptions...
The vulnerability of the idt77252_exit() function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the idt77252exit function in the drivers/atm/idt77252.c file of the ATM network driver for the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter packet filtering subsystem allows a attacker to escalate their privileges and compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nftchainlookupbyid function in the net/netfilter/nftablesapi.c module of the Linux kernel’s packet filtering subsystem is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker t...
The vulnerability of the dm1105_remove() function in the drivers/media/pci/dm1105/dm1105.c file of the TV Tuner driver on the DM1105 chip in the Linux operating system can be exploited by an attacker, thereby compromising the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dm1105remove function in the drivers/media/pci/dm1105/dm1105.c file of the TV Tuner driver on the DM1105 chip in the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability coul...
The vulnerability of the ravbremove() function in the drivers/net/ethernet/renesas/ravb_main.c file of the network device driver for the Linux operating system’s kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ravbremove function in the drivers/net/ethernet/renesas/ravbmain.c file of the Renesas network device driver for the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability coul...
The vulnerability of the r592remove() function in the drivers/memstick/host/r592.c kernel module of the Linux operating system allows an attacker to compromise the confidentiality and accessibility of protected information.
The vulnerability of the r592remove function in the drivers/memstick/host/r592.c kernel module of the Linux operating system is related to the use of previously freed memory due to concurrent access to resources race condition. Exploiting this vulnerability could allow an attacker to compromise t...
The vulnerability of the f2fs_write_end_io() function in the fs/f2fs/data.c file of the Linux kernel’s file system f2fs allows a privileged attacker to cause a service failure.
The vulnerability of the f2fswriteendio function in the fs/f2fs/data.c file of the Linux operating system’s file system f2fs is related to the swapping of the zero pointer from a concurrent access resource in a race condition. Exploiting this vulnerability could allow an attacker to cause service...
The vulnerability of the Qualcomm Technologies EMAC Gigabit Ethernet Controller kernel in the Linux operating system, located in the emacremove() function, allows a attacker to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the Qualcomm Technologies EMAC Gigabit Ethernet Controller driver for the Linux operating system is related to concurrent access to resources due to incorrect synchronization in the emacremove function within the drivers/net/ethernet/qualcomm/emac/emac.c module. Exploiting th...
PT-2025-8513 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data-race issue exists around sysctl fib multipath use neigh. The value of sysctl fib multipath use neigh can be changed concurrently while it is being read, which requires the use o...
SUSE CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
SUSE CVE-2018-19364
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to for example a use-after-free outcome...
SUSE CVE-2020-35513
A flaw incorrect umask during file or directory modification in the Linux kernel NFS network file system functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with...
PT-2023-16492 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to a Race Condition, which occurs due to concurrent execution using a shared resource with improper synchronization. This problem is identified in the GitHub repositor...
wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled
A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...
wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled
A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...
October CMS 竞争条件问题漏洞
October CMS is an open source content management system CMS based on PHP and Laravel web application framework. October CMS suffers from a Competing Conditions Issue vulnerability. The vulnerability stems from improper handling of concurrent access when concurrent code requires mutually exclusive...
Multiple MediaTek Chips Competitive Condition Vulnerabilities
MediaTek Inc. is the world's fourth largest fab-based semiconductor company and a leader in the markets of mobile terminals, smart home applications, wireless connectivity and Internet of Things IoT products, with approximately 1.5 billion units of end products with built-in MediaTek chips hittin...
MediaTek 芯片竞争条件问题漏洞
MediaTek Inc. is the world's fourth largest fab-based semiconductor company and a leader in the markets of mobile terminals, smart home applications, wireless connectivity and Internet of Things IoT products, with approximately 1.5 billion units of end products with built-in MediaTek chips hittin...