2567 matches found
Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations
Impact Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption could, following an additional and particular...
DEBIAN-CVE-2024-47813
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
CVE-2024-47813
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
PYSEC-2024-311
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
CVE-2024-47813
CVE-2024-47813 is a race-condition bug in Wasmtime where concurrent creation/dropping of types (e.g., FuncType, ArrayType) on a shared wasmtime::Engine can cause double-unregistration, potentially corrupting the internal type registry and violating WebAssembly CFI and type safety. The issue arise...
CVE-2024-47813 Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
Wasmtime 安全漏洞
Wasmtime is a standalone WebAssembly and WASI-only wasm optimization runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in Wasmtime that stems from a double deregistration error in the type registry of Wasmtime's wasmtime::Engine internal type registry due to a...
Migrating from Client-Side to Server-Side Adaptive Bitrate Streaming
Streaming platforms scale to accommodate millions of concurrent viewers across diverse devices and network conditions, making efficient adaptive bitrate ABR streaming essential...
CVE-2024-23379
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario...
CVE-2024-23379 Double Free in DSP Services
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario...
CVE-2024-23379 Double Free in DSP Services
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario...
CVE-2024-23379
CVE-2024-23379 concerns a memory corruption/double-free issue in Qualcomm DSP/Fastrpc services where two threads can free the same fastrpc map during unmapping, leading to memory corruption. Affected component: DSP Services/Fastrpc on Qualcomm chipsets. Root cause: concurrent unmapping frees the ...
The software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, is vulnerable. This vulnerability allows attackers to escalate their privileges or execute arbitrary code.
The vulnerability of software for creating and running NVIDIA Container Toolkit containers, as well as software for managing NVIDIA GPU resources, is related to the assignment of a zero pointer due to concurrent access to resources. Exploiting this vulnerability allows a malicious actor to enhanc...
PT-2024-19854 · Fastrpc · Fastrpc
Name of the Vulnerable Software and Affected Versions: Fastrpc affected versions not specified Description: The issue is related to memory corruption that occurs when two threads attempt to free the same map in a concurrent scenario while unmapping the fastrpc map. Recommendations: At the moment,...
Race Condition
Overview planai is an A simple framework for coordinating classical compute and LLM-based tasks. Affected versions of this package are vulnerable to Race Condition through dispatchnotify, dispatchonce, notifycompleted and taskcompleted methods. Note: The vulnerability is triggered under concurren...
azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity
A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library MSAL. The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalatio...
SUSE CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
SUSE CVE-2024-46701
In the Linux kernel, the following vulnerability has been resolved: libfs: fix infinite directory reads for offset dir After we switch tmpfs dir operations from simplediroperations to simpleoffsetdiroperations, every rename happened will fill new dentry to dest dir's maple...
The vulnerability of the unix_release_sock/unix_stream_sendmsg function in the af_unix component of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the unixreleasesock/unixstreamsendmsg function in the afunix component is related to concurrent access to resources race condition. Exploiting this vulnerability could allow a attacker to cause service failures...
SUSE CVE-2024-45024
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb vs. core-mm PT locking We recently made GUP's common page table walking code to also walk hugetlb VMAs without most hugetlb special-casing, preparing for the future of having less hugetlb-specific page tab...