CVE Vulnerabilities

CVE-2024-58132

Incorrect Synchronization

Published: Apr 06, 2025 | Modified: Apr 07, 2025

CVSS 3.x

N/A

Source:

NVD

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-58132
CWE	https://cwe.mitre.org/data/definitions/821.html

In chainmaker-go (aka ChainMaker) before 2.3.6, multiple updates to a single nodes configuration can cause other normal nodes to perform concurrent read and write operations on a map, leading to a panic.

Weakness

The product utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource.

References

https://git.chainmaker.org.cn/chainmaker/issue/-/issues/1202

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.