Incorrect Synchronization

CVE-2024-58132

Medium

4/10

Summary

In chainmaker-go (aka ChainMaker) before 2.3.6, multiple updates to a single node's configuration can cause other normal nodes to perform concurrent read and write operations on a map, leading to a panic.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: LOW

CWE-821 - Incorrect Synchronization

The software utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource.

References

Advisory Timeline

Published Apr 06, 2025

Incorrect Synchronization

CVE-2024-58132

Summary

CWE-821 - Incorrect Synchronization

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS