15 matches found
CVE-2026-54906 concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption
concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...
kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service via use-after-free
A flaw was found in the Linux kernel's iouring subsystem. A local attacker with low privileges could exploit a use-after-free vulnerability when the sq-thread object is prematurely released while still being accessed by the iouringshowfdinfo function. This flaw could lead to privilege escalation,...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004348)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004348 advisory. In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001606)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001606 advisory. In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004122)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004122 advisory. In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional...
Linux Distros Unpatched Vulnerability : CVE-2020-0030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from iouring releasing sq-thread after use in iouringshowfdinfo...
SUSE CVE-2020-0030
In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Mozilla: Use-after-free in HTTP2 Session object
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash...
Mozilla: Use-after-free in HTTP2 Session object
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash...
Mozilla: Use-after-free in HTTP2 Session object
The Mozilla Foundation Security Advisory describes this flaw as: A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash...
DEBIAN-CVE-2020-0030
In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Race condition
In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2020-0030
In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Google Android Qualcomm Closed Source Component Input Validation Error Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. An input validation error vulnerability exists in the Qualcomm closed source component in Android. An attacker can exploit this vulnerability to write arbitrary memory addresses passed by the use...