Search the Community

XNU suffers from a remote double-free vulnerability due to a data race in IPComp input path. View the full article

Linux suffers from a use-after-free via a race condition between modify_ldt() and #BR exception. View the full article

Windows installer suffers from a race condition that can allow for privilege escalation. View the full article

This Metasploit module exploits a race condition vulnerability in Mac's Feedback Assistant. A successful attempt would result in remote code execution under the context of root. View the full article

On Microsoft Windows, the LUAFV driver has a race condition in the LuafvPostReadWrite callback if delay virtualization has occurred during a read leading to the SECTION_OBJECT_POINTERS value being reset to the underlying file resulting in elevation of privilege. View the full article

The compositor thread in WebKitGTK+ might alter a FilterOperation object's reference count variable at the same time as the main thread. Then the reference count corruption might lead to a use-after-free condition. View the full article

There's a race condition in the destruction of the BindingState for bindings to the StoragePartitionService in Chrome. It looks like the root cause of the issue is that since we can get two concurrent calls to callbacks returned from mojo::BindingSet::GetBadMessageCallback() from the same BindingSet, which results in a data race destroying the same BindingState. View the full article

There appears to be a race condition in the destruction of the ExtensionsGuestViewMessageFilter if the ProcessIdToFilterMap is modified concurrently in Chrome. View the full article

WordPress SEO (Yoast SEO) plugin versions 9.1 and below suffer from a race condition that allows for command execution. View the full article

Race conditions exist on percpu refcounts on struct mount. View the full article