82 matches found

NVD
added 2026/06/24 5:17 p.m. | 8 views

CVE-2026-54905

concurrent-ruby provides modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used...

CVSS 5.5 | EPSS 0.00106 | Exploits 0 | References 1
CVE
added 2026/06/24 3:42 p.m. | 31 views

CVE-2026-54905

CVE-2026-54905 affects the concurrent-ruby library, specifically Concurrent::ReentrantReadWriteLock. Before version 1.3.7, after a thread acquires the read lock 32,768 times, the local read count overflows into the WRITE_LOCK_HELD bit, causing try_write_lock to treat the thread as if it holds a w...

CVSS 5.5 | AI score 5.8 | EPSS 0.00106 | Exploits 0 | References 1 | Affected Software 1
OSV
added 2026/06/19 8:47 p.m. | 4 views

GHSA-WV3X-4VXV-WHPP Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

Summary: Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITE_LOCK_HELD...

CVSS 2 | AI score 5.9 | EPSS 0.00106 | Exploits 0 | References 2
Github Security Blog
added 2026/06/19 8:47 p.m. | 6 views

Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

Summary: Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITE_LOCK_HELD...

CVSS 5.5 | AI score 5.9 | EPSS 0.00106 | Exploits 0 | References 2 | Affected Software 1
Positive Technologies
added 2026/06/19 12:0 a.m. | 12 views

PT-2026-51091

Name of the Vulnerable Software and Affected Versions: concurrent-ruby versions prior to 1.3.7. Description: Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after a single thread acquires the read lock 32,768 times. The lock manages a thread's local read and write hold counts...

CVSS 5.5 | AI score 5.9 | EPSS 0.00106 | Exploits 0 | References 8
RubySec
added 2026/06/19 12:0 a.m. | 5 views

Concurrent Ruby - `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

Summary: Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITE_LOCK_HELD...

CVSS 5.5 | AI score 5.8 | EPSS 0.00106 | Exploits 0 | References 1 | Affected Software 1
Debian CVE
added 2026/05/28 9:35 a.m. | 9 views

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

CVSS 5.5 | AI score 5.7 | EPSS 0.00122 | Exploits 0
CNNVD
added 2026/05/08 12:0 a.m. | 9 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of mutual exclusion protection for class/subclass/protocol options in USB Gadget FRNDIS...

CVSS 4.7 | AI score 5.8 | EPSS 0.00086 | Exploits 0 | References 1
Cvelist
added 2026/05/06 11:27 a.m. | 28 views

CVE-2026-43143 mfd: core: Add locking around 'mfd_of_node_list'

In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfd_of_node_list' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfd_of_node_list' to prevent possible crashes...

EPSS 0.00128 | Exploits 0 | References 6
CVE
added 2026/05/06 11:27 a.m. | 13 views

CVE-2026-43143

In the Linux kernel, CVE-2026-43143 fixes a concurrency issue in the multi-function device (mfd) core: access/modification of the mfd_of_node_list was not mutex-protected, risking unsafe list manipulation and potential crashes. The fix adds a mutex to guard this list, reducing crash likelihood. P...

CVSS 5.5 | AI score 5.8 | EPSS 0.00128 | Exploits 0 | References 6 | Affected Software 1
CVE
added 2026/04/03 1:24 p.m. | 19 views

CVE-2026-23420

CVE-2026-23420 affects the Linux kernel wlcore Wi‑Fi driver. The issue is a locking-order bug where wl->mutex could be unlocked without being held, as identified by a Clang thread-safety analyzer. This is associated with potential synchronization instability; patches exist in Rootio‑Linux pack...

CVSS 5.5 | AI score 5.7 | EPSS 0.00091 | Exploits 0 | References 8 | Affected Software 1
RedhatCVE
added 2026/01/07 9:31 a.m. | 4 views

CVE-2019-16137

An issue was discovered in the spin crate before 0.5.2 for Rust, when RwLock is used. Because memory ordering is mishandled, two writers can acquire the lock at the same time, violating mutual exclusion...

CVSS 7.8 | AI score 6.8 | EPSS 0.01423 | Exploits 0 | References 1
SUSE CVE
added 2026/01/06 12:24 a.m. | 3 views

SUSE CVE-2025-68756

In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...

CVSS 4.7 | AI score 6.3 | EPSS 0.00157 | Exploits 0 | References 3
EUVD
added 2025/12/30 3:30 p.m. | 3 views

EUVD-2023-60404

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48" 0 ffff9456c1cc79a0 machinekexec at...

AI score 6 | EPSS 0.00166 | Exploits 0 | References 4
RedHat Linux
added 2025/11/25 12:47 a.m. | 4 views

kernel: Bluetooth: L2CAP: Fix user-after-free

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...

CVSS 8 | AI score 6.8 | EPSS 0.0033 | Exploits 0 | References 5
CNNVD
added 2025/10/15 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from uninitialized HWS action reference counting and mutual exclusion locks in the net/mlx5 component, which could le...

AI score 6.1 | EPSS 0.00168 | Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2021-1759

Malware in sbrugna...

CVSS 7.8 | AI score 7.4 | EPSS 0.01423 | Exploits 0 | References 7
Tenable Nessus
added 2025/10/07 12:0 a.m. | 5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-386515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386515 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect references to superblock parameters exposed in sysfs The superblock buffers of...

CVSS 5.5 | AI score 6.4 | EPSS 0.00229 | Exploits 0 | References 3
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-11245

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 7.2 | EPSS 0.00217 | Exploits 0 | References 8
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-48478

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.00323 | Exploits 0 | References 2