Lucene search
K

2567 matches found

Github Security Blog
Github Security Blog
added 2024/10/09 7:14 p.m.18 views

Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Impact Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular...

2.9CVSS3.7AI score0.00152EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/10/09 6:15 p.m.3 views

DEBIAN-CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS5.7AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2024/10/09 6:15 p.m.21 views

CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS0.00152EPSS
Exploits0References2
OSV
OSV
added 2024/10/09 6:15 p.m.3 views

PYSEC-2024-311

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS5.7AI score0.00152EPSS
Exploits0References2
CVE
CVE
added 2024/10/09 6:7 p.m.323 views

CVE-2024-47813

CVE-2024-47813 is a race-condition bug in Wasmtime where concurrent creation/dropping of types (e.g., FuncType, ArrayType) on a shared wasmtime::Engine can cause double-unregistration, potentially corrupting the internal type registry and violating WebAssembly CFI and type safety. The issue arise...

2.9CVSS3.6AI score0.00152EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/10/09 6:7 p.m.27 views

CVE-2024-47813 Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

2.9CVSS0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.3 views

Wasmtime 安全漏洞

Wasmtime is a standalone WebAssembly and WASI-only wasm optimization runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in Wasmtime that stems from a double deregistration error in the type registry of Wasmtime's wasmtime::Engine internal type registry due to a...

2.9CVSS6.4AI score0.00152EPSS
Exploits0References3
Akamai Blog
Akamai Blog
added 2024/10/08 1:0 p.m.3 views

Migrating from Client-Side to Server-Side Adaptive Bitrate Streaming

Streaming platforms scale to accommodate millions of concurrent viewers across diverse devices and network conditions, making efficient adaptive bitrate ABR streaming essential...

7AI score
Exploits0
NVD
NVD
added 2024/10/07 1:15 p.m.11 views

CVE-2024-23379

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario...

6.7CVSS0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/07 12:58 p.m.17 views

CVE-2024-23379 Double Free in DSP Services

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario...

6.7CVSS0.0011EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/07 12:58 p.m.14 views

CVE-2024-23379 Double Free in DSP Services

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario...

6.7CVSS7.2AI score0.0011EPSS
Exploits0References1
CVE
CVE
added 2024/10/07 12:58 p.m.49 views

CVE-2024-23379

CVE-2024-23379 concerns a memory corruption/double-free issue in Qualcomm DSP/Fastrpc services where two threads can free the same fastrpc map during unmapping, leading to memory corruption. Affected component: DSP Services/Fastrpc on Qualcomm chipsets. Root cause: concurrent unmapping frees the ...

6.7CVSS6.8AI score0.0011EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/07 12:0 a.m.5 views

The software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, is vulnerable. This vulnerability allows attackers to escalate their privileges or execute arbitrary code.

The vulnerability of software for creating and running NVIDIA Container Toolkit containers, as well as software for managing NVIDIA GPU resources, is related to the assignment of a zero pointer due to concurrent access to resources. Exploiting this vulnerability allows a malicious actor to enhanc...

9CVSS8.2AI score0.36458EPSS
Exploits2References4Affected Software3
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.5 views

PT-2024-19854 · Fastrpc · Fastrpc

Name of the Vulnerable Software and Affected Versions: Fastrpc affected versions not specified Description: The issue is related to memory corruption that occurs when two threads attempt to free the same map in a concurrent scenario while unmapping the fastrpc map. Recommendations: At the moment,...

6.7CVSS7.1AI score0.0011EPSS
Exploits0References5
Snyk
Snyk
added 2024/10/01 6:38 a.m.1 views

Race Condition

Overview planai is an A simple framework for coordinating classical compute and LLM-based tasks. Affected versions of this package are vulnerable to Race Condition through dispatchnotify, dispatchonce, notifycompleted and taskcompleted methods. Note: The vulnerability is triggered under concurren...

8.3CVSS7.1AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/09/24 12:51 p.m.3 views

azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity

A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library MSAL. The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalatio...

5.5CVSS7.3AI score0.00788EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/09/19 3:10 a.m.4 views

SUSE CVE-2024-46762

In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...

5.5CVSS7.5AI score0.00238EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/09/17 2:50 a.m.1 views

SUSE CVE-2024-46701

In the Linux kernel, the following vulnerability has been resolved: libfs: fix infinite directory reads for offset dir After we switch tmpfs dir operations from simplediroperations to simpleoffsetdiroperations, every rename happened will fill new dentry to dest dir's maple...

5.5CVSS7.8AI score0.00188EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/09/16 12:0 a.m.6 views

The vulnerability of the unix_release_sock/unix_stream_sendmsg function in the af_unix component of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the unixreleasesock/unixstreamsendmsg function in the afunix component is related to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause service failures...

4.7CVSS6.7AI score0.00186EPSS
Exploits0References52Affected Software6
SUSE CVE
SUSE CVE
added 2024/09/12 2:51 a.m.2 views

SUSE CVE-2024-45024

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb vs. core-mm PT locking We recently made GUP's common page table walking code to also walk hugetlb VMAs without most hugetlb special-casing, preparing for the future of having less hugetlb-specific page tab...

5.5CVSS6.6AI score0.00139EPSS
Exploits0References3
Rows per page
Query Builder