CWE-364 - Signal Handler Race Condition

Read Time:1 Minute, 33 Second

Description

The software uses a signal handler that introduces a race condition.

Modes of Introduction:

– Architecture and Design

Likelihood of Exploit: Medium

Related Weaknesses

CWE-362
CWE-415
CWE-416
CWE-123

Consequences

Integrity, Confidentiality, Availability: Modify Application Data, Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands

It may be possible to cause data corruption and possibly execute arbitrary code by modifying global variables or data structures at unexpected times, violating the assumptions of code that uses this global data.

Access Control: Gain Privileges or Assume Identity

If a signal handler interrupts code that is executing with privileges, it may be possible that the signal handler will also be executed with elevated privileges, possibly making subsequent exploits more severe.

Potential Mitigations

Phase: Requirements

Description:

Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.

Phase: Architecture and Design

Description:

Design signal handlers to only set flags, rather than perform complex functionality. These flags can then be checked and acted upon within the main program loop.

Phase: Implementation

Description:

Only use reentrant functions within signal handlers. Also, use validation to ensure that state is consistent while performing asynchronous actions that affect the state of execution.

CVE References

CVE-1999-0035
- Signal handler does not disable other signal handlers, allowing it to be interrupted, causing other functionality to access files/etc. with raised privileges

CVE-2001-0905
- Attacker can send a signal while another signal handler is already running, leading to crash or execution with root privileges

CVE-2001-1349
- unsafe calls to library functions from signal handler

CVE-2004-0794
- SIGURG can be used to remotely interrupt signal handler; other variants exist

CVE-2004-2259
- SIGCHLD signal to FTP server can cause crash under heavy load while executing non-reentrant functions like malloc/free.

InCVE-1999-0035, CWE- 364, Signal Handler Race Condition

The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)

US and Japan Blame North Korea for $308m Crypto Heist

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Spyware Maker NSO Group Liable for WhatsApp User Hacks

Major Biometric Data Farming Operation Uncovered

Ransomware Attack Exposes Data of 5.6 Million Ascension Patients

Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP

Criminal Complaint against LockBit Ransomware Writer

Cryptomining Malware Found in Popular Open Source Packages

CWE-364 – Signal Handler Race Condition

Description

Related Weaknesses

Consequences

Potential Mitigations

CVE References

The Most Dangerous Vulnerabilities in Apache Tomcat and How to Protect Against Them

ZDI-CAN-18333: A Critical Zero-Day Vulnerability in Microsoft Windows

CWE-669 – Incorrect Resource Transfer Between Spheres

CWE-67 – Improper Handling of Windows Device Names

CWE-670 – Always-Incorrect Control Flow Implementation

CWE-671 – Lack of Administrator Control over Security