VYPR

CWE-828

Signal Handler with Functionality that is not Asynchronous-Safe

VariantIncomplete

Description

The product defines a signal handler that contains code sequences that are not asynchronous-safe, i.e., the functionality is not reentrant, or it can be interrupted.

Hierarchy (View 1000)

Parents

Children

CVEs mapped to this weakness (1)

  • CVE-2024-25742MedMay 17, 2024
    risk 0.35cvss 6.5epss 0.00

    In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.