Skip to main content

Improper Synchronization

CVE-2022-32648

Severity Medium
Score 6.4/10

Summary

In disp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535964; Issue ID: ALPS06535964.

  • HIGH
  • LOCAL
  • HIGH
  • UNCHANGED
  • NONE
  • HIGH
  • HIGH
  • HIGH

CWE-662 - Improper Synchronization

The software utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.

References

Advisory Timeline

  • Published