Lucene search
K

40 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:55 p.m.9 views

CVE-2026-54905

A flaw was found in concurrent-ruby. The Concurrent::ReentrantReadWriteLock component can incorrectly grant a write lock to a thread while other threads still hold or can acquire read locks. This occurs when a thread acquires a read lock 32,768 times, causing an internal counter to incorrectly...

5.5CVSS5.6AI score0.00106EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 5:17 p.m.5 views

CVE-2026-54906

A flaw was found in concurrent-ruby, a Ruby library for managing concurrent operations. The Concurrent::ReadWriteLock component contains a synchronization issue where write locks can be released by unauthorized threads. This could allow multiple threads to write concurrently, potentially leading ...

9.8CVSS5.7AI score0.0016EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-54906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquir...

9.8CVSS6AI score0.0016EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-54905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread...

5.5CVSS6AI score0.00106EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-54906

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...

9.8CVSS0.0016EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 4:29 p.m.3 views

CVE-2026-53024 greybus: raw: fix use-after-free if write is called after disconnect

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-53024

Summary: CVE-2026-53024 affects the Linux kernel Greybus raw subsystem. A use-after-free can occur when a user writes to a chardev after disconnect, because gb_connection_destroy frees the connection object during disconnect and a subsequent write may access that freed object, potentially trigger...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:46 p.m.32 views

CVE-2026-54906 concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...

2.1CVSS0.0016EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 3:46 p.m.42 views

CVE-2026-54906

Vulnerability summary (CVE-2026-54906) : In the Ruby concurrency library concurrent-ruby (ReadWriteLock), versions prior to 1.3.7 expose a synchronization bug in the public API. Specifically, release_write_lock does not verify that the calling thread owns the write lock, allowing another thread t...

9.8CVSS5.9AI score0.0016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/24 3:42 p.m.31 views

CVE-2026-54905 concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used...

2CVSS0.00106EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 3:42 p.m.38 views

CVE-2026-54905

CVE-2026-54905 affects the concurrent-ruby library, specifically Concurrent::ReentrantReadWriteLock. Before version 1.3.7, after a thread acquires the read lock 32,768 times, the local read count overflows into the WRITE_LOCK_HELD bit, causing try_write_lock to treat the thread as if it holds a w...

5.5CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.10 views

Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

Summary Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while the first writer is still...

9.8CVSS6AI score0.0016EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/19 8:47 p.m.4 views

GHSA-6WX8-W4F5-WWCR Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

Summary Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while the first writer is still...

2.1CVSS6AI score0.0016EPSS
Exploits0References2
RubySec
RubySec
added 2026/06/19 12:0 a.m.7 views

Concurrent Ruby - ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

Summary Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while the first writer is still...

9.8CVSS5.9AI score0.0016EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-46025

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the ASoC fsl xcvr component due to an improper locking mechanism in the fsl xcvr mode put function. The issue arises when the function attempts to acquire the...

5.5CVSS5.4AI score0.00091EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.31 views

PT-2026-44244

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the DAMON sysfs interface. Direct reads and writes of the memcg path and path files can race, as the write operation deallocates the buffer pointed to by...

9.8CVSS6.1AI score0.00513EPSS
Exploits7References290
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock. The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer side loops checking the value using...

5.5CVSS6.4AI score0.00228EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of read-write lock protection, potentially leading to data competition issues...

4.7CVSS5.8AI score0.00086EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.6 views

MiracleLinux 3 : systemtap-1.6-7.AXS3 (AXSA:2012-344:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-344:01 advisory. SystemTap is an instrumentation system for systems running Linux 2.6. Developers can write instrumentation to collect data on the operation of the system...

5.4CVSS5.7AI score0.0035EPSS
Exploits0References2
Rows per page
Query Builder