Common Weakness Enumeration

CWE-662

Discouraged

Improper Synchronization

Abstraction: Class · Status: Draft

The product utilizes multiple threads, processes, components, or systems to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.

72 vulnerabilities reference this CWE, most recent first.

GHSA-MM4M-QG48-F7WC

Vulnerability from github – Published: 2021-08-25 21:01 – Updated: 2022-06-14 20:12
VLAI
Summary
Improper Synchronization and Race Condition in vm-memory
Details

rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects aarch64 (with musl or glibc) and x86_64 (with musl).

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "vm-memory"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "vm-memory"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.2.0"
            },
            {
              "fixed": "0.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-13759"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362",
      "CWE-662"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-07-26T20:45:48Z",
    "nvd_published_at": "2020-06-02T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attackers to cause a denial of service (loss of IP networking) because read_obj and write_obj do not properly access memory. This affects aarch64 (with musl or glibc) and x86_64 (with musl).",
  "id": "GHSA-mm4m-qg48-f7wc",
  "modified": "2022-06-14T20:12:33Z",
  "published": "2021-08-25T21:01:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13759"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-vmm/vm-memory/issues/93"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rust-vmm/vm-memory"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-vmm/vm-memory/releases/tag/v0.1.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-vmm/vm-memory/releases/tag/v0.2.1"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2020-0157.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Synchronization and Race Condition in vm-memory"
}

GHSA-P337-PP7M-PV25

Vulnerability from github – Published: 2022-10-08 00:00 – Updated: 2022-10-11 19:00
VLAI
Details

In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262305; Issue ID: ALPS07262305.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-26452"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-07T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In isp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262305; Issue ID: ALPS07262305.",
  "id": "GHSA-p337-pp7m-pv25",
  "modified": "2022-10-11T19:00:28Z",
  "published": "2022-10-08T00:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26452"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/October-2022"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PJ6X-87QC-W9F6

Vulnerability from github – Published: 2023-02-06 21:30 – Updated: 2023-02-14 18:30
VLAI
Details

In display drm, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363469; Issue ID: ALPS07363469.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-20610"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-06T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In display drm, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363469; Issue ID: ALPS07363469.",
  "id": "GHSA-pj6x-87qc-w9f6",
  "modified": "2023-02-14T18:30:21Z",
  "published": "2023-02-06T21:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20610"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/February-2023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PPHF-F93W-GC84

Vulnerability from github – Published: 2021-08-25 20:51 – Updated: 2024-10-25 21:35
VLAI
Summary
Data race in may_queue
Details

An issue was discovered in the may_queue crate through 2020-11-10 for Rust. Because Queue does not have bounds on its Send trait or Sync trait, memory corruption can occur.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "may_queue"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-36217"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662",
      "CWE-787"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T18:48:04Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the may_queue crate through 2020-11-10 for Rust. Because Queue does not have bounds on its Send trait or Sync trait, memory corruption can occur.",
  "id": "GHSA-pphf-f93w-gc84",
  "modified": "2024-10-25T21:35:35Z",
  "published": "2021-08-25T20:51:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36217"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Xudong-Huang/may/issues/88"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Xudong-Huang/may"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2020-0111.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Data race in may_queue"
}

GHSA-PRM6-42X6-PWFM

Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2024-04-04 03:06
VLAI
Details

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-25008"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-14T07:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions.",
  "id": "GHSA-prm6-42x6-pwfm",
  "modified": "2024-04-04T03:06:07Z",
  "published": "2022-05-24T17:47:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25008"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-lang/rust/issues/51780"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rust-lang/rust/pull/52031"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PWPP-FC52-54W9

Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39
VLAI
Details

The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-14098"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-13T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version \u003c 1.0.336 and Xiaomi route RM1800 root version \u003c 1.0.26.",
  "id": "GHSA-pwpp-fc52-54w9",
  "modified": "2022-05-24T17:39:14Z",
  "published": "2022-05-24T17:39:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14098"
    },
    {
      "type": "WEB",
      "url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=22\u0026locale=en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-Q4JV-8WFR-4PF8

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2022-05-24 16:58
VLAI
Details

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-17344"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-662"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-08T01:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.",
  "id": "GHSA-q4jv-8wfr-4pf8",
  "modified": "2022-05-24T16:58:10Z",
  "published": "2022-05-24T16:58:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17344"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2020/Jan/21"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4602"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xen.org/xsa/advisory-290.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/10/25/3"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-290.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q9H2-4XHF-23XX

Vulnerability from github – Published: 2021-08-25 20:51 – Updated: 2022-06-07 21:31
VLAI
Summary
Data races in im
Details

An issue was discovered in the im crate prior to 15.1.0 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "im"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "12.0.0"
            },
            {
              "fixed": "15.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-36204"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T18:49:57Z",
    "nvd_published_at": "2021-01-26T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the im crate prior to 15.1.0 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur.",
  "id": "GHSA-q9h2-4xhf-23xx",
  "modified": "2022-06-07T21:31:41Z",
  "published": "2021-08-25T20:51:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36204"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bodil/im-rs/issues/157"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bodil/im-rs/pull/158"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bodil/im-rs/commit/0b3a7b228b0fe70446393f55c8b893f349f3f6bd"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/bodil/im-rs"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bodil/im-rs/releases/tag/v15.1.0"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2020-0096.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Data races in im"
}

GHSA-R7RV-2RPH-HVHJ

Vulnerability from github – Published: 2021-08-25 20:51 – Updated: 2021-08-19 18:48
VLAI
Summary
Improper synchronization in buttplug
Details

An issue was discovered in the buttplug crate before 1.0.4 for Rust. ButtplugFutureStateShared does not properly consider (!Send|!Sync) objects, leading to a data race.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "buttplug"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-36218"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T18:48:19Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the buttplug crate before 1.0.4 for Rust. ButtplugFutureStateShared does not properly consider (!Send|!Sync) objects, leading to a data race.",
  "id": "GHSA-r7rv-2rph-hvhj",
  "modified": "2021-08-19T18:48:19Z",
  "published": "2021-08-25T20:51:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36218"
    },
    {
      "type": "WEB",
      "url": "https://github.com/buttplugio/buttplug-rs/issues/225"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/buttplugio/buttplug-rs"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2020-0112.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper synchronization in buttplug"
}

GHSA-R8Q9-Q4R9-JJ89

Vulnerability from github – Published: 2023-01-24 00:30 – Updated: 2023-02-08 21:30
VLAI
Details

Western Digital has identified a weakness in the UFS standard that could result in a security vulnerability. This vulnerability may exist in some systems where the Host boot ROM code implements the UFS Boot feature to boot from UFS compliant storage devices. The UFS Boot feature, as specified in the UFS standard, is provided by UFS devices to support platforms that need to download the system boot loader from external non-volatile storage locations. Several scenarios have been identified in which adversaries may disable the boot capability, or revert to an old boot loader code, if the host boot ROM code is improperly implemented. UFS Host Boot ROM implementers may be impacted by this vulnerability. UFS devices are only impacted when connected to a vulnerable UFS Host and are not independently impacted by this vulnerability. When present, the vulnerability is in the UFS Host implementation and is not a vulnerability in Western Digital UFS Devices. Western Digital has provided details of the vulnerability to the JEDEC standards body, multiple vendors of host processors, and software solutions providers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23005"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-662"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-23T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "Western Digital has identified a weakness in the UFS standard that could result in a security vulnerability. This vulnerability may exist in some systems where the Host boot ROM code implements the UFS Boot feature to boot from UFS compliant storage devices. The UFS Boot feature, as specified in the UFS standard, is provided by UFS devices to support platforms that need to download the system boot loader from external non-volatile storage locations. Several scenarios have been identified in which adversaries may disable the boot capability, or revert to an old boot loader code, if the host boot ROM code is improperly implemented. UFS Host Boot ROM implementers may be impacted by this vulnerability. UFS devices are only impacted when connected to a vulnerable UFS Host and are not independently impacted by this vulnerability. When present, the vulnerability is in the UFS Host implementation and is not a vulnerability in Western Digital UFS Devices. Western Digital has provided details of the vulnerability to the JEDEC standards body, multiple vendors of host processors, and software solutions providers.",
  "id": "GHSA-r8q9-q4r9-jj89",
  "modified": "2023-02-08T21:30:21Z",
  "published": "2023-01-24T00:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23005"
    },
    {
      "type": "WEB",
      "url": "https://documents.westerndigital.com/content/dam/doc-library/en_us/assets/public/western-digital/collateral/white-paper/white-paper-host-boot-rom-code-vulnerability-and-mitigation.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.westerndigital.com/support/product-security/wdc-23001-host-boot-rom-code-vulnerability-in-systems-implementing-ufs-boot-feature"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Use industry standard APIs to synchronize your code.

CAPEC-25: Forced Deadlock

The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.

CAPEC-26: Leveraging Race Conditions

The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.

CAPEC-27: Leveraging Race Conditions via Symbolic Links

This attack leverages the use of symbolic links (Symlinks) in order to write to sensitive files. An attacker can create a Symlink link to a target file not otherwise accessible to them. When the privileged program tries to create a temporary file with the same name as the Symlink link, it will actually write to the target file pointed to by the attackers' Symlink link. If the attacker can insert malicious content in the temporary file they will be writing to the sensitive file by using the Symlink. The race occurs because the system checks if the temporary file exists, then creates the file. The attacker would typically create the Symlink during the interval between the check and the creation of the temporary file.

CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.