You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
kernel-race-condition
About this tag
The kernel-race-condition tag covers discussions about concurrency bugs in operating system kernels that can lead to security vulnerabilities. Recent content includes CVE-2026-23411, a Linux kernel AppArmor race condition causing denial of service through total availability loss, and CVE-2025-54105, a local elevation-of-privilege vulnerability in Microsoft's Brokering File System (BFS) stemming from a race condition. These threads highlight how race conditions in kernel or kernel-adjacent components can be exploited by local attackers for crashes, stalls, or privilege escalation. The tag focuses on technical analysis of such flaws, their impact on system security, and mitigation strategies.
The phrase “There is total loss of availability…” is the key severity language that Microsoft is attaching to CVE-2026-23411, a Linux kernel AppArmor flaw that has been described as a race between freeing data and filesystem code still accessing it. In practical terms, that means an unprivileged...
Microsoft has published an advisory for CVE-2025-54105 — a local elevation-of-privilege vulnerability in the Microsoft Brokering File System (BFS) caused by a concurrency bug (race condition) that can be exploited by an authenticated local user to gain elevated rights on the host. Background
The...