This depends on where you get the DbContext
from. Its instance methods are not thread safe.
If it is created in a ASP.NET request scope (you have a new instance in each of independent requests) then you are safe, the code is correct.
If it is shared then anything can happen, most probably you would get exceptions from concurrent access to the same db context.
Learn more from similar threads