Libuv · Libuv · CVE-2014-9748
Name of the Vulnerable Software and Affected Versions:
libuv versions prior to 1.7.4
Description:
The issue is related to the uv rwlock t fallback implementation for Windows XP and Server 2003 in libuv. It does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.
Recommendations:
For versions prior to 1.7.4, update to version 1.7.4 or later to resolve the issue.