CWE-421 8 个 CVE MITRE 定义 ↗

CWE-421:Race Condition During Access to Alternate Channel

概览

CWE-421(Race Condition During Access to Alternate Channel)描述一种在漏洞数据库与安全评估中使用的弱点类型;定义、背景与映射 CVE 见下方各节。

安全影响
安全影响:因产品与场景而异;请结合 CVE 记录、严重度评分与 MITRE 说明进行优先级判断。

描述

The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.

适用平台

类型 名称 普遍性 OS / CPE
language Not Language-Specific Undetermined

本库相关 CVE

下列 CVE 在本库中映射到该弱点,并保留以便追溯与检索。

CVE 公开时间 摘要
CVE-2023-43687 2025-08-14 An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). There is a Race condition that leads to code execution because of a lack of locks betw…
CVE-2023-32256 2025-08-01 A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue.
CVE-2023-40536 2024-05-16 Race condition for some some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-41090 2024-02-14 Race condition in some Intel(R) MAS software before version 2.3 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-22310 2023-11-14 Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-34438 2023-08-10 Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-34349 2023-08-10 Race condition in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-22276 2023-08-10 Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local acce…

曾用名

  • Alternate Channel Race Condition (2008-04-11)

内容提交

名称
PLOVER
日期
2006-07-19
版本
Draft 3

内容修订

日期 名称 版本 重要性 评论
2008-07-01 Eric Dalci 1.0 updated Potential_Mitigations, Time_of_Introduction
2008-09-08 CWE Content Team 1.0 updated Relationships, Observed_Example, Other_Notes, Taxonomy_Mappings, Type
2008-10-14 CWE Content Team 1.0.1 updated Description
2009-01-12 CWE Content Team 1.2 updated References
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2012-05-11 CWE Content Team 2.2 updated References, Relationships
2012-10-30 CWE Content Team 2.3 updated Potential_Mitigations
2014-06-23 CWE Content Team 2.7 updated Other_Notes
2014-07-30 CWE Content Team 2.8 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Relationships
2020-02-24 CWE Content Team 4.0 updated Relationships
2023-04-27 CWE Content Team 4.11 updated References, Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-09-09 CWE Content Team 4.18 updated Functional_Areas
2025-12-11 CWE Content Team 4.19 updated Weakness_Ordinalities
cvelogic Threat Intelligence