Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-23040 | Race Condition vulnerability in multiple products Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. | 7.0 |
| 2022-03-10 | CVE-2022-23041 | Race Condition vulnerability in multiple products Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. | 7.0 |
| 2022-03-10 | CVE-2022-23042 | Race Condition vulnerability in multiple products Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. | 7.0 |
| 2022-03-10 | CVE-2022-25090 | Race Condition vulnerability in Kofax Printix 1.3.1106.0 Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition. | 9.3 |
| 2022-03-09 | CVE-2022-21975 | Race Condition vulnerability in Microsoft products Windows Hyper-V Denial of Service Vulnerability | 4.7 |
| 2022-03-09 | CVE-2022-23283 | Race Condition vulnerability in Microsoft products Windows ALPC Elevation of Privilege Vulnerability | 7.0 |
| 2022-03-09 | CVE-2022-24505 | Race Condition vulnerability in Microsoft products Windows ALPC Elevation of Privilege Vulnerability | 7.0 |
| 2022-03-09 | CVE-2022-24525 | Race Condition vulnerability in Microsoft Windows 10, Windows 11 and Windows Server Windows Update Stack Elevation of Privilege Vulnerability | 7.0 |
| 2022-03-03 | CVE-2021-3640 | Race Condition vulnerability in multiple products A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. | 7.0 |
| 2022-03-03 | CVE-2021-3609 | Race Condition vulnerability in multiple products .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. | 7.0 |