concurrency bug

The Linux kernel’s md/raid5 code contained a subtle but dangerous integer‑overflow bug in the function raid5_cache_count() that was tracked as CVE‑2024‑23307 — a defect that can be forced by concurrent modifications of RAID stripe‑count variables and that may lead to a sustained or persistent...

A concurrency flaw in libcurl’s HSTS sharing code can cause a double-free or use-after-free when two threads share the same HSTS storage, producing crashes and availability failures for affected applications; the bug was disclosed as CVE-2023-27537 and addressed by the curl project and...