A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time, but because of the nature of the device or system, the operations must be done in the proper sequence to be done correctly. It is a flaw that occurs in the timing or the ordering of events that leads to erroneous program behavior. Race conditions can occur in electronics, software, or other systems where the systems substantive behavior is dependent on the sequence or timing of other uncontrollable events. They can occur especially in logic circuits, multithreaded, or distributed software programs.

A typical example of a race condition may occur when a logic gate combines signals that have traveled along different paths from the same source. The inputs to the gate can change at slightly different times in response to a change in the source signal. The output may, for a brief period, change to an unwanted state before settling back to the designed state. Another example is when two threads access a shared variable at the same time, and the first thread and second thread perform their operations on the value, and they race to see which thread can write the value last to the shared variable.

There are two categories that define the impact of the race condition on a system, referred to as critical and noncritical. A critical race condition occurs when the order in which internal variables are changed determines the eventual state that the state machine will end up in. The most common symptom of a race condition is unpredictable values of variables that are shared between multiple threads.

Race conditions are considered a common issue for multithreaded applications. They are a common type of vulnerability closely related to business logic flaws. A race condition attack uses carefully timed requests to cause intentional collisions and exploit this unintended behavior for malicious purposes.