CVE-2023-2612

MEDIUM Year: 2023
CVSS v3 Score
4.7
Medium
Weakness Type
CWE-667
View all →

Vulnerability Description

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).

Related Vulnerabilities

CVE-2005-3106

MEDIUM
CVSS:4.7(Medium)

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core...

CWE-6672005

CVE-2009-1961

MEDIUM
CVSS:4.7(Medium)

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local ...

CWE-6672009

CVE-2022-3303

MEDIUM
CVSS:4.7(Medium)

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local us...

CWE-6672022

CVE-2023-52505

MEDIUM
CVSS:4.7(Medium)

In the Linux kernel, the following vulnerability has been resolved: phy: lynx-28g: serialize concurrent phy_set_mode_ext() calls to shared registers The protocol converter configuration registers PCC8...

CWE-6672023

CVE-2024-26631

MEDIUM
CVSS:4.7(Medium)

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work idev->mc_ifc_count can be written over without proper locking. Originally ...

CWE-6672024

CVE-2024-42253

MEDIUM
CVSS:4.7(Medium)

In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca953x_...

CWE-6672024