Vulnerabilities > Improper Locking

DATE CVE VULNERABILITY TITLE RISK
2022-12-16 CVE-2022-20566 Improper Locking vulnerability in Google Android
In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking.
local
low complexity
google CWE-667
7.8
7.8
2022-12-13 CVE-2022-3996 Improper Locking vulnerability in Openssl
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively.
network
low complexity
openssl CWE-667
7.5
7.5
2022-12-07 CVE-2022-42328 Improper Locking vulnerability in multiple products
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328).
local
low complexity
linux debian CWE-667
5.5
5.5
2022-12-07 CVE-2022-42329 Improper Locking vulnerability in multiple products
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328).
local
low complexity
linux debian CWE-667
5.5
5.5
2022-12-06 CVE-2022-39131 Improper Locking vulnerability in Google Android 10.0/11.0/12.0
In camera driver, there is a possible memory corruption due to improper locking.
local
low complexity
google CWE-667
5.5
5.5
2022-12-06 CVE-2022-42775 Improper Locking vulnerability in Google Android 10.0/11.0/12.0
In camera driver, there is a possible memory corruption due to improper locking.
local
low complexity
google CWE-667
5.5
5.5
2022-11-28 CVE-2022-4129 Improper Locking vulnerability in multiple products
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP).
local
low complexity
linux fedoraproject CWE-667
5.5
5.5
2022-10-26 CVE-2022-39358 Improper Locking vulnerability in Metabase
Metabase is data visualization software.
network
low complexity
metabase CWE-667
6.5
6.5
2022-10-14 CVE-2022-38690 Improper Locking vulnerability in Google Android 10.0/11.0/12.0
In camera driver, there is a possible memory corruption due to improper locking.
local
low complexity
google CWE-667
5.5
5.5
2022-10-11 CVE-2022-20422 Improper Locking vulnerability in multiple products
In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition.
local
high complexity
google debian CWE-667
7.0
7.0