Lucene search
K

125 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:55 p.m.9 views

CVE-2026-54905

A flaw was found in concurrent-ruby. The Concurrent::ReentrantReadWriteLock component can incorrectly grant a write lock to a thread while other threads still hold or can acquire read locks. This occurs when a thread acquires a read lock 32,768 times, causing an internal counter to incorrectly...

5.5CVSS5.6AI score0.00106EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 5:17 p.m.4 views

CVE-2026-54906

A flaw was found in concurrent-ruby, a Ruby library for managing concurrent operations. The Concurrent::ReadWriteLock component contains a synchronization issue where write locks can be released by unauthorized threads. This could allow multiple threads to write concurrently, potentially leading ...

9.8CVSS5.7AI score0.0016EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-54906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquir...

9.8CVSS6AI score0.0016EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-54905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread...

5.5CVSS6AI score0.00106EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-54906

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...

9.8CVSS0.0016EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-54905

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used...

5.5CVSS0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38941

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling hu-proto-closehu and setting hu-hdev to NULL. This means incoming UART data will...

5.8AI score0.00172EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-53024

Summary: CVE-2026-53024 affects the Linux kernel Greybus raw subsystem. A use-after-free can occur when a user writes to a chardev after disconnect, because gb_connection_destroy frees the connection object during disconnect and a subsequent write may access that freed object, potentially trigger...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:46 p.m.29 views

CVE-2026-54906 concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...

2.1CVSS0.0016EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 3:46 p.m.31 views

CVE-2026-54906

Vulnerability summary (CVE-2026-54906) : In the Ruby concurrency library concurrent-ruby (ReadWriteLock), versions prior to 1.3.7 expose a synchronization bug in the public API. Specifically, release_write_lock does not verify that the calling thread owns the write lock, allowing another thread t...

9.8CVSS5.9AI score0.0016EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/24 3:42 p.m.32 views

CVE-2026-54905

CVE-2026-54905 affects the concurrent-ruby library, specifically Concurrent::ReentrantReadWriteLock. Before version 1.3.7, after a thread acquires the read lock 32,768 times, the local read count overflows into the WRITE_LOCK_HELD bit, causing try_write_lock to treat the thread as if it holds a w...

5.5CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/24 3:42 p.m.30 views

CVE-2026-54905 concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used...

2CVSS0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51967

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth component where HCI UART PROTO INIT is not cleared when hci register dev fails within the hci uart register dev function. This failure allows incoming UA...

6AI score0.00172EPSS
Exploits0References17
OSV
OSV
added 2026/06/19 8:47 p.m.3 views

GHSA-6WX8-W4F5-WWCR Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

Summary Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while the first writer is still...

2.1CVSS6AI score0.0016EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/19 8:47 p.m.8 views

Improper Locking

Overview Affected versions of this package are vulnerable to Improper Locking in the releasewritelock and releasereadlock functions. An attacker can disrupt synchronization guarantees and exploit data races or cause denial of service by invoking these functions from unauthorized threads or withou...

9.8CVSS5.9AI score0.0016EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.9 views

Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

Summary Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while the first writer is still...

9.8CVSS6AI score0.0016EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/19 8:47 p.m.4 views

GHSA-WV3X-4VXV-WHPP Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

Summary Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITELOCKHELD...

2CVSS5.9AI score0.00106EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.6 views

Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

Summary Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITELOCKHELD...

5.5CVSS5.9AI score0.00106EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock. The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer side loops checking the value using...

5.5CVSS6.4AI score0.00228EPSS
Exploits0References2
Rows per page
Query Builder