CWE-828
Signal Handler with Functionality that is not Asynchronous-Safe
VariantIncomplete
Description
The product defines a signal handler that contains code sequences that are not asynchronous-safe, i.e., the functionality is not reentrant, or it can be interrupted.
Hierarchy (View 1000)
CVEs mapped to this weakness (1)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-25742 | Med | 0.35 | 6.5 | 0.00 | May 17, 2024 | In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES. |