VYPR

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

ClassDraftLikelihood: Medium

Description

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-26 · CAPEC-29

CVEs mapped to this weakness (1,091)

page 32 of 55
  • CVE-2026-43342MedMay 8, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_rndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to…

  • CVE-2026-43275MedMay 6, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Flush exception handling work when RPM level is zero Ensure that the exception event handling work is explicitly flushed during suspend when the runtime power management level is set to…

  • CVE-2026-43163MedMay 6, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: md/bitmap: fix GPF in write_page caused by resize race A General Protection Fault occurs in write_page() during array resize: RIP: 0010:write_page+0x22b/0x3c0 [md_mod] This is a use-after-free race between…

  • CVE-2026-43121MedMay 6, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix user_ref race between scrub and refill paths The io_zcrx_put_niov_uref() function uses a non-atomic check-then-decrement pattern (atomic_read followed by separate atomic_dec) to manipulate…

  • CVE-2025-71274MedMay 6, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: rpmsg: core: fix race in driver_override_show() and use core helper The driver_override_show function reads the driver_override string without holding the device_lock. However, the store function modifies and…

  • CVE-2026-31751MedMay 1, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: comedi: dt2815: add hardware detection to prevent crash The dt2815 driver crashes when attached to I/O ports without actual hardware present. This occurs because syzkaller or users can attach the driver to…

  • CVE-2026-31728MedMay 1, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop A race condition between gether_disconnect() and eth_stop() leads to a NULL pointer dereference. Specifically, if eth_stop() is triggered…

  • CVE-2026-31572MedApr 24, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fix resume-probe race condition issue Identified resume-probe race condition in kernel v7.0 with the commit 38fa29b01a6a ("i2c: designware: Combine the init functions"),but this issue…

  • CVE-2026-31466MedApr 22, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix folio isn't locked in softleaf_to_folio() On arm64 server, we found folio that get from migration entry isn't locked in softleaf_to_folio(). This issue triggers when mTHP splitting and…

  • CVE-2026-31456MedApr 22, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault The splitting of a PUD entry in walk_pud_range() can race with a concurrent thread refaulting the PUD leaf entry causing it to try walking a PMD range…

  • CVE-2026-23469MedApr 3, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. …

  • CVE-2026-23463MedApr 3, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qman_destroy_fq When QMAN_FQ_FLAG_DYNAMIC_FQID is set, there's a race condition between fq_table[fq->idx] state and freeing/allocating from the pool and…

  • CVE-2026-23452MedApr 3, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in pm_runtime_work() may dereference the dev->parent pointer after the parent device has been freed: /* Maybe the parent is now…

  • CVE-2026-23441MedApr 3, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5e_ipsec_aso struct for each PF, which contains a…

  • CVE-2026-23394MedMar 25, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Give up GC if MSG_PEEK intervened. Igor Ushakov reported that GC purged the receive queue of an alive socket due to a race with MSG_PEEK with a nice repro. This is the exact same issue previously…

  • CVE-2026-23348MedMar 25, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: cxl: Fix race of nvdimm_bus object when creating nvdimm objects Found issue during running of cxl-translate.sh unit test. Adding a 3s sleep right before the test seems to make the issue reproduce fairly…

  • CVE-2026-23342MedMar 25, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in cpumap on PREEMPT_RT On PREEMPT_RT kernels, the per-CPU xdp_bulk_queue (bq) can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bq_enqueue()…

  • CVE-2026-23302MedMar 25, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently. Add corresponding…

  • CVE-2025-15244LowDec 30, 2025
    risk 0.24cvss 3.7epss 0.00

    A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The…

  • CVE-2025-15116LowDec 28, 2025
    risk 0.24cvss 3.7epss 0.00

    A security flaw has been discovered in OpenCart up to 4.1.0.3. Affected by this issue is some unknown functionality of the component Single-Use Coupon Handler. Performing a manipulation results in race condition. The attack may be initiated remotely. The attack's complexity is…