Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-26 | CVE-2017-18249 | Race Condition vulnerability in multiple products The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads. | 7.0 |
| 2018-03-16 | CVE-2017-15834 | Race Condition vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, race condition in diag_dbgfs_read_dcistats(), while accessing diag_dbgfs_dci_data_index, causes potential heap overflow. | 7.0 |
| 2018-03-16 | CVE-2017-11082 | Race Condition vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file through sysfs. | 7.0 |
| 2018-03-12 | CVE-2017-18224 | Race Condition vulnerability in Linux Kernel In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field. | 4.7 |
| 2018-03-09 | CVE-2018-7995 | Race Condition vulnerability in multiple products Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck<cpu number> directory. | 4.7 |
| 2018-03-06 | CVE-2017-6296 | Race Condition vulnerability in multiple products NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. | 7.0 |
| 2018-03-01 | CVE-2017-14798 | Race Condition vulnerability in multiple products A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root. | 7.0 |
| 2018-02-27 | CVE-2017-18203 | Race Condition vulnerability in Linux Kernel The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices. | 4.7 |
| 2018-02-23 | CVE-2017-15829 | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition. | 7.0 |
| 2018-02-23 | CVE-2018-7441 | Race Condition vulnerability in Leptonica Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race condition, as demonstrated by /tmp/junk_split_image.ps in prog/splitimage2pdf.c. | 7.0 |