{"id":"CVE-2020-12658","details":"gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex before pthread exit in gp_worker_main() in gp_workers.c. NOTE: An upstream comment states \"We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional information provided us (as upstream) to indicate why this would be a problem.","modified":"2026-04-16T04:31:56.598767036Z","published":"2020-12-31T01:15:12.553Z","related":["SUSE-SU-2021:1029-1","SUSE-SU-2021:1030-1","openSUSE-SU-2021:0531-1"],"references":[{"type":"ADVISORY","url":"https://github.com/gssapi/gssproxy/compare/v0.8.2...v0.8.3"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00004.html"},{"type":"ADVISORY","url":"https://pagure.io/gssproxy/c/cb761412e299ef907f22cd7c4146d50c8a792003?branch=master"},{"type":"FIX","url":"https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gssapi/gssproxy","events":[{"introduced":"0"},{"fixed":"7b16d2387ae649698e8181c5888696ec8decc379"},{"fixed":"cb761412e299ef907f22cd7c4146d50c8a792003"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.8.3"}]}}],"versions":["v0.8.0","v0.8.1","v0.8.2"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-12658.json","vanir_signatures_modified":"2026-04-11T15:27:51Z","vanir_signatures":[{"signature_version":"v1","deprecated":false,"id":"CVE-2020-12658-3dd5a1e2","signature_type":"Line","source":"https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003","digest":{"line_hashes":["54640710678816065676820337037606521400","135296166681145568386095559198534977615","94263839230411663761302891243876720687","236495842395608511330645660219638662377"],"threshold":0.9},"target":{"file":"src/gp_workers.c"}},{"deprecated":false,"source":"https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003","id":"CVE-2020-12658-5a5b346d","signature_type":"Function","signature_version":"v1","digest":{"length":1140,"function_hash":"51459557422735618799701925522279373458"},"target":{"file":"src/gp_workers.c","function":"gp_worker_main"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}