CWE-667— Improper Locking
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.— MITRE CWE catalog
700 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-667page 9 of 14
- CVE-2024-39468MEDIUMCVSS 5.5EG 5.52024-06-25
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2_find_smb_tcon() Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such deadlock.
- CVE-2024-39476MEDIUMCVSS 5.5EG 5.52024-07-05
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with small possibilit…
- CVE-2024-40912MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock to synchronizes with ieee80211_tx_h_u…
- CVE-2024-40915MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel_map_pages() is a debug function which clears the valid bit in page table entry for deallo…
- CVE-2024-40922MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't lock while !TASK_RUNNING There is a report of io_rsrc_ref_quiesce() locking a mutex while not TASK_RUNNING, which is due to forgetting restoring the…
- CVE-2024-40965MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clk_get_rate during transfer Instead of repeatedly calling clk_get_rate for each transfer, lock the clock rate and cache the value. A deadlock …
- CVE-2024-40967MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential deadlock. In case of the time…
- CVE-2024-40969MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: f2fs: don't set RO when shutting down f2fs Shutdown does not check the error of thaw_super due to readonly, which causes a deadlock like below. f2fs_ioc_shutdown(F2FS_G…
- CVE-2024-40972MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock ext4_xattr_set_entry() creates new EA inodes while holding buffer lock on the external xattr block. This is problematic as…
- CVE-2024-40977MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery During chip recovery (e.g. chip reset), there is a possible situation that kernel worker reset_work is…
- CVE-2024-40980MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_lock. This is problematic for RT kernels …
- CVE-2024-40981MEDIUMCVSS 5.5EG 5.52024-07-12
In the Linux kernel, the following vulnerability has been resolved: batman-adv: bypass empty buckets in batadv_purge_orig_ref() Many syzbot reports are pointing to soft lockups in batadv_purge_orig_ref() [1] Root cause is unknown, but w…
- CVE-2024-41036MEDIUMCVSS 5.5EG 5.52024-07-29
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock betw…
- CVE-2024-41063MEDIUMCVSS 5.5EG 5.52024-07-29
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() syzbot is reporting that calling hci_release_dev() from hci_error_reset() due to hci_dev_put() from hci_e…
- CVE-2024-41080MEDIUMCVSS 5.5EG 5.52024-07-29
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix possible deadlock in io_register_iowq_max_workers() The io_register_iowq_max_workers() function calls io_put_sq_data(), which acquires the sqd->lock withou…
- CVE-2024-42085MEDIUMCVSS 5.5EG 5.52024-07-29
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIG_USB_DWC3_DUAL_ROLE is selected, and trigger system to enter su…
- CVE-2024-42090MEDIUMCVSS 5.5EG 5.52024-07-29
In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER In create_pinctrl(), pinctrl_maps_mutex is acquired before calling add_setting(). If add_setting() …
- CVE-2024-42114MEDIUMCVSS 4.4EG 5.52024-07-30
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values syzbot is able to trigger softlockups, setting NL80211_ATTR_TXQ_QUANTUM to 2^31. We had a similar issue in sch_…
- CVE-2024-42140MEDIUMCVSS 5.5EG 5.52024-07-30
In the Linux kernel, the following vulnerability has been resolved: riscv: kexec: Avoid deadlock in kexec crash path If the kexec crash code is called in the interrupt context, the machine_kexec_mask_interrupts() function will trigger a …
- CVE-2024-42153MEDIUMCVSS 5.5EG 5.52024-07-30
In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr When del_timer_sync() is called in an interrupt context it throws a warning because of potenti…
- CVE-2024-42239MEDIUMCVSS 5.5EG 5.52024-08-07
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpf_timer_cancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpf_timer_cancel(timer2); bpf_timer_cancel(timer1); Both bpf_timer…
- CVE-2024-42245MEDIUMCVSS 5.5EG 5.52024-08-07
In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load b…
- CVE-2024-42250MEDIUMCVSS 5.5EG 5.52024-08-07
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only th…
- CVE-2024-42253MEDIUMCVSS 4.7EG 4.72024-08-08
In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca953x_irq_bus_sync_unlock() in order to avo…
- CVE-2024-42268MEDIUMCVSS 5.5EG 5.52024-08-17
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking de…
- CVE-2024-42274MEDIUMCVSS 5.5EG 5.52024-08-17
In the Linux kernel, the following vulnerability has been resolved: Revert "ALSA: firewire-lib: operate for period elapse event in process context" Commit 7ba5ca32fe6e ("ALSA: firewire-lib: operate for period elapse event in process cont…
- CVE-2024-42294MEDIUMCVSS 5.5EG 5.52024-08-17
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release Our test report the following hung task: [ 2538.459400] INFO: task "kworker/0:0":7 blocked for more than 188 seconds.…
- CVE-2024-42315MEDIUMCVSS 5.5EG 5.52024-08-17
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set…
- CVE-2024-43098MEDIUMCVSS 5.5EG 5.52025-01-11
In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock A deadlock may happen since the i3c_master_register() acquires &i3cbus->lock twice…
- CVE-2024-43849MEDIUMCVSS 5.5EG 5.52024-08-17
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently. Pr…
- CVE-2024-43862MEDIUMCVSS 5.5EG 5.52024-08-21
In the Linux kernel, the following vulnerability has been resolved: net: wan: fsl_qmc_hdlc: Convert carrier_lock spinlock to a mutex The carrier_lock spinlock protects the carrier detection. While it is held, framer_get_status() is calle…
- CVE-2024-43863MEDIUMCVSS 5.5EG 5.52024-08-21
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't…
- CVE-2024-43872MEDIUMCVSS 5.5EG 5.52024-08-21
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and l…
- CVE-2024-44951HIGHCVSS 7.8EG 7.82024-09-04
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, …
- CVE-2024-44953MEDIUMCVSS 5.5EG 5.52024-09-04
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix deadlock during RTC update There is a deadlock when runtime suspend waits for the flush of RTC work, and the RTC work calls ufshcd_rpm_get_sync() to…
- CVE-2024-44956MEDIUMCVSS 5.5EG 5.52024-09-04
In the Linux kernel, the following vulnerability has been resolved: drm/xe/preempt_fence: enlarge the fence critical section It is really easy to introduce subtle deadlocks in preempt_fence_work_func() since we operate on single global o…
- CVE-2024-44957MEDIUMCVSS 5.5EG 5.52024-09-04
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Switch from mutex to spinlock for irqfds irqfd_wakeup() gets EPOLLHUP, when it is called by eventfd_release() by way of wake_up_poll(&ctx->wqh, EPOLLHUP), …
- CVE-2024-44995MEDIUMCVSS 5.5EG 5.52024-09-04
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: …
- CVE-2024-45003MEDIUMCVSS 4.7EG 4.72024-09-04
In the Linux kernel, the following vulnerability has been resolved: vfs: Don't evict inode under the inode lru traversing context The inode reclaiming process(See function prune_icache_sb) collects all reclaimable inodes and mark them wi…
- CVE-2024-45019MEDIUMCVSS 5.5EG 5.52024-09-11
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx timeout reporter mlx5e_safe_reopen_channels() requires the state lock taken. The referenced changed in the Fixes tag removed the loc…
- CVE-2024-45024MEDIUMCVSS 5.5EG 5.52024-09-11
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb vs. core-mm PT locking We recently made GUP's common page table walking code to also walk hugetlb VMAs without most hugetlb special-casing, prepa…
- CVE-2024-45029MEDIUMCVSS 5.5EG 5.52024-09-11
In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: Do not mark ACPI devices as irq safe On ACPI machines, the tegra i2c module encounters an issue due to a mutex being called inside a spinlock. This leads to …
- CVE-2024-45818MEDIUMCVSS 6.5EG 6.52024-12-19
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that …
- CVE-2024-46678MEDIUMCVSS 5.5EG 5.52024-09-13
In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xdo_dev_state_add and xdo_dev_state_delete…
- CVE-2024-46692MEDIUMCVSS 5.5EG 5.52024-09-13
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark get_wq_ctx() as atomic call Currently get_wq_ctx() is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes …
- CVE-2024-46733MEDIUMCVSS 5.5EG 5.52024-09-18
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cow_file_range In the buffered write path, the dirty page owns the qgroup reserve until it creates an ordered_extent. Therefore, any …
- CVE-2024-46750MEDIUMCVSS 5.5EG 5.52024-09-18
In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock() One of the true positives that the cfg_access_lock lockdep effort identified is this sequence: WARNING: CPU: 14 PID: 1 …
- CVE-2024-46791MEDIUMCVSS 5.5EG 5.52024-09-18
In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open The mcp251x_hw_wake() function is called with the mpc_lock mutex held and disables the interrupt ha…
- CVE-2024-46797MEDIUMCVSS 5.5EG 5.52024-09-18
In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queued_spin_lock_slowpath() after we increment qnodesp->count and before node->lock is initialized…
- CVE-2024-46829MEDIUMCVSS 5.5EG 5.52024-09-27
In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the good case it returns with the lock held a…
Map vulnerabilities like CWE-667 to your infrastructure
EchelonGraph correlates every CVE — across CWE-667 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →