Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-362
Total 1264 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4307 1 Linux 1 Linux Kernel 2023-02-12 4.0 MEDIUM N/A
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case.
CVE-2006-0039 1 Linux 1 Linux Kernel 2023-02-12 4.7 MEDIUM N/A
Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE.
CVE-2011-2183 1 Linux 1 Linux Kernel 2023-02-12 4.0 MEDIUM N/A
Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application.
CVE-2009-1894 1 Pulseaudio 1 Pulseaudio 2023-02-12 7.2 HIGH N/A
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LD_BIND_NOW to 1, and then calling execv on the target of the /proc/self/exe symlink.
CVE-2015-7553 1 Redhat 3 Enterprise Linux, Enterprise Mrg, Kernel-rt 2023-02-12 4.7 MEDIUM 4.7 MEDIUM
Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.
CVE-2015-5240 1 Openstack 1 Neutron 2023-02-12 3.5 LOW N/A
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied.
CVE-2015-5189 1 Pacemaker\/corosync Configuration System Project 1 Pacemaker\/corosync Configuration System 2023-02-12 4.9 MEDIUM N/A
Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.
CVE-2015-3212 1 Linux 1 Linux Kernel 2023-02-12 4.9 MEDIUM N/A
Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls.
CVE-2014-9710 1 Linux 1 Linux Kernel 2023-02-12 6.9 MEDIUM N/A
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time window, related to a race condition, or (2) after an xattr-replacement attempt that fails because the data does not fit.
CVE-2014-7842 1 Linux 1 Linux Kernel 2023-02-12 4.9 MEDIUM N/A
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313.
CVE-2014-3611 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2023-02-12 4.7 MEDIUM 4.7 MEDIUM
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.
CVE-2014-0196 7 Canonical, Debian, F5 and 4 more 30 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 27 more 2023-02-12 6.9 MEDIUM N/A
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
CVE-2012-3552 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux Eus 2023-02-12 7.1 HIGH 5.9 MEDIUM
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic.
CVE-2012-3511 1 Linux 1 Linux Kernel 2023-02-12 6.2 MEDIUM N/A
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.
CVE-2012-2373 1 Linux 1 Linux Kernel 2023-02-12 4.0 MEDIUM N/A
The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition.
CVE-2011-3585 2 Redhat, Samba 2 Enterprise Linux, Samba 2023-02-12 1.9 LOW 4.7 MEDIUM
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.
CVE-2021-3640 5 Canonical, Debian, Fedoraproject and 2 more 20 Ubuntu Linux, Debian Linux, Fedora and 17 more 2023-02-12 6.9 MEDIUM 7.0 HIGH
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
CVE-2021-3609 3 Linux, Netapp, Redhat 43 Linux Kernel, H300e, H300e Firmware and 40 more 2023-02-12 6.9 MEDIUM 7.0 HIGH
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
CVE-2019-14898 2 Linux, Redhat 2 Linux Kernel, Enterprise Mrg 2023-02-12 6.9 MEDIUM 7.0 HIGH
The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.
CVE-2017-7533 1 Linux 1 Linux Kernel 2023-02-12 6.9 MEDIUM 7.0 HIGH
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.