Search the Community
Showing results for tags 'race'.
-
XNU suffers from a remote double-free vulnerability due to a data race in IPComp input path. View the full article
-
Linux suffers from a use-after-free via a race condition between modify_ldt() and #BR exception. View the full article
-
Windows installer suffers from a race condition that can allow for privilege escalation. View the full article
-
Exploits Mac OS X Feedback Assistant Race Condition
1337day-Exploits posted a topic in Updated Exploits
This Metasploit module exploits a race condition vulnerability in Mac's Feedback Assistant. A successful attempt would result in remote code execution under the context of root. View the full article -
Exploits WebKitGTK+ ThreadedCompositor Race Condition
1337day-Exploits posted a topic in Updated Exploits
The compositor thread in WebKitGTK+ might alter a FilterOperation object's reference count variable at the same time as the main thread. Then the reference count corruption might lead to a use-after-free condition. View the full article-
- webkitgtk+
- threadedcompositor
-
(and 2 more)
Tagged with:
-
There's a race condition in the destruction of the BindingState for bindings to the StoragePartitionService in Chrome. It looks like the root cause of the issue is that since we can get two concurrent calls to callbacks returned from mojo::BindingSet::GetBadMessageCallback() from the same BindingSet, which results in a data race destroying the same BindingState. View the full article
-
- chrome
- storagepartitionservice
-
(and 2 more)
Tagged with:
-
There appears to be a race condition in the destruction of the ExtensionsGuestViewMessageFilter if the ProcessIdToFilterMap is modified concurrently in Chrome. View the full article
-
- chrome
- extensionsguestviewmessagefilter
-
(and 2 more)
Tagged with:
-
Race conditions exist on percpu refcounts on struct mount. View the full article