375 matches found
CVE-2021-38191
An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread...
CVE-2020-36457
An issue was discovered in the lever crate before 0.1.1 for Rust. AtomicBox implements the Send and Sync traits for all types T...
CVE-2020-36441
An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox with no requirement for T: Send and T: Sync...
CVE-2019-5612
In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program c...
CVE-2018-25026
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption...
CVE-2025-37952
CVE-2025-37952 describes a use-after-free in ksmbd within the Linux kernel. A thread destroying a file via __ksmbd_close_fd can race with another thread holding a reference to the same file, because the existing fp->refcount checks do not prevent the issue. The fix adds ft->lock around the ...
PT-2025-22213
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue is possible in the Linux kernel due to insufficient checks on file reference counts. This occurs when one thread destroys a file while another thread holds a...
SUSE CVE-2025-22098
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpdp: Fix a deadlock in zynqmpdpignorehpdset Instead of attempting the same mutex twice, lock and unlock it. This bug has been detected by the Clang thread-safety analyzer...
CVE-2025-21918 usb: typec: ucsi: Fix NULL pointer access
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...
Improper Resource Shutdown or Release
Overview openai-model-registry is a Registry for OpenAI models with capability and parameter validation Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the registry cleanup routine and network request handling function. An attacker can exploit resourc...
CVE-2023-52930 drm/i915: Fix potential bit_17 double-free
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential bit17 double-free A userspace with multiple threads racing I915GEMSETTILING to set the tiling to I915TILINGNONE could trigger a double free of the bit17 bitmask. Or conversely leak memory on the transition...
ila: serialize calls to nf_register_net_hooks()
...
Linux Distros Unpatched Vulnerability : CVE-2024-39508
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/io-wq: Use setbit and testbit at worker-flags Utilize setbit and testbit on worker-flags within iouring/io-wq to address potential data races. The...
Linux Distros Unpatched Vulnerability : CVE-2021-47226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer Both Intel and AMD consider it to be architecturally valid for XRSTOR to fail with PF but...
Linux Distros Unpatched Vulnerability : CVE-2024-44946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenario is 1. Thread A builds a skb with MSGMORE and sets kcm-seqskb...
CVE-2025-1801
A flaw was found in the Ansible aap-gateway. Concurrent requests handled by the gateway grpc service can result in concurrency issues due to race condition requests against the proxy. This issue potentially allows a less privileged user to obtain the JWT of a greater privileged user, enabling the...
CVE-2024-33060
Memory corruption when two threads try to map and unmap a single node simultaneously...
CVE-2024-45553
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise...
PT-2025-54486
Name of the Vulnerable Software and Affected Versions libcurl versions prior to 7.87.0-150400.7.26.1 openSUSE Leap 15.6 affected versions not specified SUSE Linux Enterprise Server 15 SP4 affected versions not specified Description The issue relates to libcurl's handling of TLS options during...
CVE-2024-56670 usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Fix the issue that gsstartio crashed due to accessing null pointer Considering that in some extreme cases, when userial driver is accessed by multiple threads, Thread A is executing the open operation and...