Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

DATE CVE VULNERABILITY TITLE RISK
2018-01-04 CVE-2017-18018 Race Condition vulnerability in GNU Coreutils
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
local
high complexity
gnu CWE-362
4.7
2017-12-21 CVE-2017-6167 Race Condition vulnerability in F5 products
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, race conditions in iControl REST may lead to commands being executed with different privilege levels than expected.
network
high complexity
f5 CWE-362
7.5
2017-12-16 CVE-2017-17712 Race Condition vulnerability in Linux Kernel
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
local
high complexity
linux CWE-362
7.0
2017-12-05 CVE-2017-9718 Race Condition vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite.
local
high complexity
google CWE-362
7.0
2017-12-05 CVE-2017-9708 Race Condition vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a race condition can occur in variable "*reg_ptr" of sub function "msm_camera_config_single_vreg".
local
high complexity
google CWE-362
7.0
2017-12-05 CVE-2017-11049 Race Condition vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a video driver, a race condition exists which can potentially lead to a buffer overflow.
local
high complexity
google CWE-362
7.0
2017-12-05 CVE-2017-16857 Race Condition vulnerability in Atlassian Bitbucket Auto Unapprove Plugin
It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end.
network
high complexity
atlassian CWE-362
8.5
2017-11-30 CVE-2017-1000405 Race Condition vulnerability in Linux Kernel
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation.
local
high complexity
linux CWE-362
7.0
2017-11-22 CVE-2017-8148 Race Condition vulnerability in Huawei P9 Firmware
Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability.
local
high complexity
huawei CWE-362
4.7
2017-11-16 CVE-2017-8279 Race Condition vulnerability in Google Android
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read.
network
low complexity
google CWE-362
7.5