Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-3962

Summary
Assigner-vmware
Assigner Org ID-dcf2e128-44bd-42ed-91e8-88f912c1401d
Published At-24 Jun, 2020 | 16:01
Updated At-04 Aug, 2024 | 07:52
Rejected At-
Credits

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:vmware
Assigner Org ID:dcf2e128-44bd-42ed-91e8-88f912c1401d
Published At:24 Jun, 2020 | 16:01
Updated At:04 Aug, 2024 | 07:52
Rejected At:
â–¼CVE Numbering Authority (CNA)

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine.

Affected Products
Vendor
VMware (Broadcom Inc.)VMware
Product
VMware ESXi
Versions
Affected
  • 7.0 before ESXi_7.0.0-1.20.16321839
  • 6.7 before ESXi670-202004101-SG
  • 6.5 before ESXi650-202005401-SG
Vendor
VMware (Broadcom Inc.)VMware
Product
Workstation
Versions
Affected
  • 15.x before 15.5.5
Vendor
VMware (Broadcom Inc.)VMware
Product
Fusion
Versions
Affected
  • 11.x before 11.5.5
Problem Types
TypeCWE IDDescription
textN/AUse-after-free vulnerability
Type: text
CWE ID: N/A
Description: Use-after-free vulnerability
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.vmware.com/security/advisories/VMSA-2020-0015.html
x_refsource_CONFIRM
https://www.zerodayinitiative.com/advisories/ZDI-20-785/
x_refsource_MISC
Hyperlink: https://www.vmware.com/security/advisories/VMSA-2020-0015.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-20-785/
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.vmware.com/security/advisories/VMSA-2020-0015.html
x_refsource_CONFIRM
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-20-785/
x_refsource_MISC
x_transferred
Hyperlink: https://www.vmware.com/security/advisories/VMSA-2020-0015.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-20-785/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@vmware.com
Published At:24 Jun, 2020 | 17:15
Updated At:01 Jul, 2020 | 18:01

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.2HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary2.04.4MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.4
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
VMware (Broadcom Inc.)
vmware
>>cloud_foundation>>Versions from 3.0(inclusive) to 3.10(exclusive)
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>cloud_foundation>>Versions from 4.0.0(inclusive) to 4.0.1(exclusive)
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>fusion>>Versions from 11.0.0(inclusive) to 11.5.5(exclusive)
cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>workstation>>Versions from 15.0.0(inclusive) to 15.5.5(exclusive)
cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esxi>>6.5
cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.vmware.com/security/advisories/VMSA-2020-0015.htmlsecurity@vmware.com
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-785/security@vmware.com
Third Party Advisory
Hyperlink: https://www.vmware.com/security/advisories/VMSA-2020-0015.html
Source: security@vmware.com
Resource:
Vendor Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-20-785/
Source: security@vmware.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

88Records found
CVE-2020-0305
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.4||MEDIUM
EPSS-0.04% / 11.56%
||
7 Day CHG~0.00%
Published-17 Jul, 2020 | 19:59
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744

Action-Not Available
Vendor-n/aopenSUSEGoogle LLC
Product-androidleapAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-9458
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7||HIGH
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:49
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aopenSUSEGoogle LLC
Product-androidleapAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-9271
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 3.71%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:45
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in the mnh driver there is a race condition due to insufficient locking. This could lead to a use-after-free which could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-0268
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 2.08%
||
7 Day CHG~0.00%
Published-18 Sep, 2020 | 15:02
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In NFC, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148294643

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-0358
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 2.84%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 20:53
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150227563

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2019-2284
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.04% / 11.35%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_632sd_855sd_730_firmwarequalcomm_215sd_675sd_439sd_670_firmwaresd_429sd_425sdx24sdm439sd_710_firmwareqcs405sd_625msm8909w_firmwaresd_450_firmwaresd_845_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_730sd_665sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sdm439_firmwareqcs405_firmwaresd_712_firmwaresd_845qcs605sd_670sd_632_firmwaresd_710msm8909wsd_665_firmwaresd_855_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-2314
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.04% / 11.35%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_632sd_855sd_730_firmwarequalcomm_215sd_675sd_439sdx20sd_670_firmwaresd_429sd_425sdm660sdm439sd_710_firmwaresdx24sd_636qcs405sd_625msm8909w_firmwaresd_636_firmwaresd_450_firmwaresd_845_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_730sd_665sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sdm439_firmwareqcs405_firmwaresd_712_firmwaresd_845qcs605sd_670sd_632_firmwaresd_710sdx20_firmwaremsm8909wsd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-19319
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.44% / 62.52%
||
7 Day CHG~0.00%
Published-27 Nov, 2019 | 22:48
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.

Action-Not Available
Vendor-n/aopenSUSELinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kernelleapn/a
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3348
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.10% / 26.58%
||
7 Day CHG~0.00%
Published-01 Feb, 2021 | 03:43
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-30263
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.99%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible race condition can occur due to lack of synchronization mechanism when On-Device Logging node open twice concurrently in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-aqt1000_firmwareqca8337_firmwarewcn3999ar8031_firmwareqca8337qcs6125sdx55m_firmwarecsra6620qca6430qcs405wcd9340wcn3950_firmwarewsa8810_firmwarewcd9341_firmwareqcm6125qca6420_firmwarewsa8810wcd9335wcd9370csra6620_firmwaresd_8ccsra6640_firmwareqcs6125_firmwarewcd9341ar8031qca6430_firmwareqcs405_firmwarewcd9335_firmwarewcn3980wcn3998sd_8cx_firmwareqca6391_firmwarewcn3950ar8035sd_8cxaqt1000wcd9340_firmwarewcd9370_firmwaresd855sdx55wsa8815csra6640sd855_firmwaresd_8c_firmwarewsa8815_firmwaresdx55_firmwarewcn3999_firmwarewcn3998_firmwarewcn3980_firmwareqca6391sdx55mqca6420ar8035_firmwareqcm6125_firmwareSnapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-416
Use After Free
CVE-2019-10494
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.1||HIGH
EPSS-0.16% / 36.94%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-667
Improper Locking
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2019-13233
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.05% / 16.70%
||
7 Day CHG~0.00%
Published-04 Jul, 2019 | 12:27
Updated-04 Aug, 2024 | 23:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-25394
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.4||MEDIUM
EPSS-0.61% / 69.53%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 14:45
Updated-30 Oct, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-07-20||Apply updates per vendor instructions or discontinue use of the product if updates are unavailable

A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.

Action-Not Available
Vendor-Google LLCSamsung ElectronicsSamsung
Product-androidSamsung Mobile Devices Mobile Devices
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2021-1900
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free in Display due to race condition while creating an external display in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcd9360_firmwaremdm9650sd_636csra6620wcn3950_firmwaremdm9250qca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwareqca6335sa6155sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd675_firmwarewcd9370csra6640_firmwaresd632wcn3990_firmwareqca9377wcn3998sdw2500_firmwaresd_8cx_firmwarewhs9410wcn3950wcd9326_firmwarewcn3615_firmwaremdm9206_firmwarewcn3660bsd450_firmwaresd710_firmwareqca4020sa8155qca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615msm8909wwcn3998_firmwareapq8009w_firmwareqca6420apq8053_firmwarewcd9360wcn3610_firmwaresdx20mqca6564au_firmwaresa6155p_firmwareqca6310qca9367_firmwarewhs9410_firmwarewcn3999sd429qca9367sa8155_firmwaresdm630qcs405qca6430sd429_firmwaresd712_firmwarewcd9340sdm830_firmwareapq8017_firmwarewsa8810_firmwarequalcomm215_firmwareqca4020_firmwarewcd9326wcd9335sa6155pqcs603_firmwareqca6174a_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6696_firmwareqca6390wcd9375sd_8cxaqt1000apq8064aumsm8953_firmwaresd855_firmwaresd660wcn3620_firmwaresdx20_firmwaresd712wsa8815_firmwaresd660_firmwarewcn3620apq8017qca6564asd450wcn3610wcn3990wcd9330msm8996au_firmwareqca6595qca6564ausdx55m_firmwaremsm8909w_firmwareqca6574msm8996ausd632_firmwaresd670_firmwarewcn3999_firmwarequalcomm215qca6574asdx50m_firmwaremdm9206qca9379_firmwareqca6174aqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815qca6320mdm9650_firmwareqca6175awcn3660b_firmwarewcn3680qca6574a_firmwaresd835wcn3980_firmwareapq8009wcd9330_firmwaresdx55maqt1000_firmwaremsm8953apq8064au_firmwarear8031_firmwaresdx50mwcn3680_firmwaresdx20qcs603sd_455qca6574ausa8155p_firmwaresd710sd_636_firmwaresd670qca6564a_firmwareapq8009wwcd9341_firmwaresdx20m_firmwarewsa8810wcn3680bsd835_firmwareapq8096auar8031qca6595_firmwareqcs405_firmwareqca6696sdm630_firmwaresd845_firmwarewcd9370_firmwaresdw2500sdx55apq8053apq8096au_firmwarecsra6640sa8155psd675sd845sd439sdm830wcn3660qca9379qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-0520
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7||HIGH
EPSS-0.03% / 7.86%
||
7 Day CHG~0.00%
Published-21 Jun, 2021 | 16:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-176237595

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-10906
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.07% / 20.68%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 01:52
Updated-06 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-0483
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.27%
||
7 Day CHG~0.00%
Published-22 Oct, 2021 | 13:26
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple methods of AAudioService, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-153358911

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-20091
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 1.69%
||
7 Day CHG~0.00%
Published-03 May, 2022 | 19:58
Updated-03 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In aee driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06226345.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt8765mt6580mt8788mt6983mt8735mt8167mt6765mt6891mt6883mt8696mt6853tmt6739mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8362amt8786mt8766mt6771mt6833mt6885mt6877mt6762mt6781mt8365mt6853mt6895mt8168androidmt8185mt8791mt6779mt8163mt6785mt6731mt8735bmt6879mt8173MT6580, MT6731, MT6739, MT6761, MT6762, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8163, MT8167, MT8168, MT8173, MT8185, MT8321, MT8362A, MT8365, MT8696, MT8735, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-0509
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7||HIGH
EPSS-0.03% / 7.86%
||
7 Day CHG~0.00%
Published-21 Jun, 2021 | 16:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444161

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2018-5832
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.03% / 9.60%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Due to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-1734
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7||HIGH
EPSS-0.02% / 3.71%
||
7 Day CHG~0.00%
Published-18 May, 2022 | 16:28
Updated-03 Aug, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh410ch700e_firmwareh700skernel
CWE ID-CWE-416
Use After Free
CVE-2021-0565
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7||HIGH
EPSS-0.01% / 2.27%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 10:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wrapUserThread of AudioStream.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174801970

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-6208
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-7.5||HIGH
EPSS-2.60% / 85.35%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 20:20
Updated-04 Aug, 2024 | 08:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the attacker to control the behaviour of the application, leading to Remote Code Execution. Although the mode of attack is only Local, multiple applications can be impacted as a result of the vulnerability.

Action-Not Available
Vendor-SAP SE
Product-crystal_reportsSAP Business Objects Business Intelligence Platform (Crystal Reports)
CWE ID-CWE-416
Use After Free
CVE-2020-2758
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-8.2||HIGH
EPSS-0.17% / 37.56%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:29
Updated-30 Sep, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CWE ID-CWE-416
Use After Free
CVE-2018-5853
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.05% / 15.28%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 19:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race condition exists in a driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-05-05 potentially leading to a use-after-free condition.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2018-5849
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.03% / 9.60%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Due to a race condition in the QTEECOM driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, when more than one HLOS client loads the same TA, a Use After Free condition can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2018-5859
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.05% / 15.28%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 19:00
Updated-16 Sep, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2018-3561
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.01% / 2.83%
||
7 Day CHG~0.00%
Published-16 Mar, 2018 | 22:00
Updated-16 Sep, 2024 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-25632
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.2||HIGH
EPSS-0.02% / 3.23%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 16:40
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.NetApp, Inc.GNUFedora Project
Product-enterprise_linux_server_eusontap_select_deploy_administration_utilityenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxfedoraenterprise_linux_server_tusgrub2grub2
CWE ID-CWE-416
Use After Free
CVE-2018-14625
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 19.87%
||
7 Day CHG~0.00%
Published-10 Sep, 2018 | 13:00
Updated-05 Aug, 2024 | 09:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelkernel
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-11173
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.03% / 9.43%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8053, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8953, Nicobar, QCA6390, QCS404, QCS405, QCS610, Rennell, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM632, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwarekamorta_firmwareqcs610sdm429wsdm632_firmwaresdm632qcs404_firmwaresdm429sm7150_firmwaresm6150agatti_firmwaresdm429w_firmwaresm7150qca6390_firmwaresxr2130sc8180xipq4019_firmwareqcs404ipq8074sda845_firmwareipq5018bitraipq6018_firmwaresa515mbitra_firmwaresdm429_firmwareipq8064sdx55_firmwareapq8053_firmwareagattiipq8064_firmwaresda845nicobarsa6155p_firmwaremsm8953sa515m_firmwaresdm660mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwaresa8155p_firmwaremdm9607sa6155pqcs610_firmwareipq6018sm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellrennell_firmwareqca6390ipq4019sdx55msm8953_firmwareapq8053sa8155psaipan_firmwaresm6150_firmwaresm8250sm8150kamortanicobar_firmwaresaipansdm660_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-13630
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.08% / 22.64%
||
7 Day CHG~0.00%
Published-27 May, 2020 | 14:42
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

Action-Not Available
Vendor-sqliten/aNetApp, Inc.Debian GNU/LinuxOracle CorporationCanonical Ltd.Siemens AGApple Inc.Fedora ProjectBrocade Communications Systems, Inc. (Broadcom Inc.)
Product-ubuntu_linuxitunesiphone_oscloud_backupsqlitecommunications_network_charging_and_controloutside_in_technologymacoshci_compute_nodeicloudsinec_infrastructure_network_servicesdebian_linuxipadostvoswatchosfedorazfs_storage_appliance_kitsolidfire\,_enterprise_sds_\&_hci_storage_nodehci_compute_node_firmwarefabric_operating_systemn/a
CWE ID-CWE-416
Use After Free
CVE-2022-27834
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-2.9||LOW
EPSS-0.01% / 3.15%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 05:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynos_9830exynos_980exynos_2100Samsung Mobile Devices
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE ID-CWE-416
Use After Free
CVE-2020-18897
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.61%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 21:20
Updated-04 Aug, 2024 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An use-after-free vulnerability in the libpff_item_tree_create_node function of libyal Libpff before 20180623 allows attackers to cause a denial of service (DOS) or execute arbitrary code via a crafted pff file.

Action-Not Available
Vendor-libpff_projectn/a
Product-libpffn/a
CWE ID-CWE-416
Use After Free
CVE-2017-11045
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.01% / 2.83%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a camera driver function, a race condition exists which can lead to a Use After Free condition.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2017-11044
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.01% / 2.83%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a KGSL driver function, a race condition exists which can lead to a Use After Free condition.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2015-7312
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 11.78%
||
7 Day CHG~0.00%
Published-16 Nov, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncCanonical Ltd.
Product-linux_kerneldebian_linuxubuntu_linuxn/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2024-6519
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-8.2||HIGH
EPSS-0.02% / 3.29%
||
7 Day CHG~0.00%
Published-21 Oct, 2024 | 14:36
Updated-08 Aug, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability

A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.

Action-Not Available
Vendor-QEMURed Hat, Inc.
Product-qemuRed Hat Enterprise Linux 9Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8 Advanced VirtualizationRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • Next
Details not found