CVEbaza.plCWE DictionaryCWE-414
Common Weakness Enumeration

CWE-414

Missing Lock Check

Category: BaseCVE: 5
Description

A product does not check to see if a lock is present before performing sensitive operations on a resource.

CVE vulnerabilities with CWE-414 (5)
8.8
CVSS
HIGH
CVE-2026-53071

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp l2cap_ecred_reconf_rsp() calls l2cap_chan_del() without holding l2cap_chan_lock(). Every other l2cap_chan_del() caller in the file acquires the lock first. A remote BLE device can send a crafted L2CAP ECRED reconfiguration response to corrupt the channel list while another thread is iterating it. Add l2cap_chan_hold() and l2cap_chan_lock() before l2cap_chan_del(), and l2cap_chan_unlock() and l2cap_chan_put() after, matching the pattern used in l2cap_ecred_conn_rsp() and l2cap_conn_del().

pub. 2026-06-24
6.7
CVSS
MEDIUM
CVE-2025-54625

Race condition vulnerability in the kernel file system module. Impact: Successful exploitation of this vulnerability may affect availability.

pub. 2025-08-06
5.9
CVSS
MEDIUM
CVE-2025-54510

A missing lock verification in AMD Secure Processor (ASP) firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity.

pub. 2026-04-16
5.5
CVSS
MEDIUM
CVE-2023-5447

Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App.

pub. 2024-05-14
2.1
CVSS
LOW
CVE-2026-54906

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLock#release_write_lock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while the first writer is still running. Concurrent::ReadWriteLock#release_read_lock also decrements the shared counter even when no read lock is held. Calling it on a fresh lock changes the counter from 0 to -1, after which normal read acquisition raises Concurrent::ResourceLimitError. This is a synchronization correctness issue in the public Concurrent::ReadWriteLock API. This vulnerability is fixed in 1.3.7.

pub. 2026-06-24
Information
ID: CWE-414
Type: Base
Vulnerabilities: 5
MITRE CWE ↗
← CWE Dictionary