11 matches found
EUVD-2020-2489
Malware in sbrugna...
Malicious code in parse-async-theta-user-thread (npm)
The package parse-async-theta-user-thread was found to contain malicious code...
MAL-2025-28876 Malicious code in parse-async-theta-user-thread (npm)
The package parse-async-theta-user-thread was found to contain malicious code...
UBUNTU-CVE-2025-21718
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
CVE-2025-21718 net: rose: fix timer races against user threads
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from rosetimer competing with a user thread...
CVE-2021-0565
In wrapUserThread of AudioStream.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...
Code injection
An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...
CVE-2020-10067 Integer Overflow In is_in_region Allows User Thread To Access Kernel Memory
A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execution within the...
Systrace Multiple System Call Wrappers Concurrency Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/25258/info Systrace is prone to multiple concurrency vulnerabilities due to its implementation of system call wrappers. This problem can result in a race condition between a user thread and the kernel. Attackers can explo...
Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities
source: https://www.securityfocus.com/bid/25258/info Systrace is prone to multiple concurrency vulnerabilities due to its implementation of system call wrappers. This problem can result in a race condition between a user thread and the kernel. Attackers can exploit these issues by replacing certa...