Description

The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

Modes of Introduction:

– Architecture and Design

Related Weaknesses

CWE-662
CWE-662
CWE-662
CWE-662

Consequences

Availability: DoS: Resource Consumption (CPU)

Inconsistent locking discipline can lead to deadlock.

Potential Mitigations

Phase: Implementation

Description: 

Use industry standard APIs to implement locking mechanism.

CVE References

• CVE-2009-0935
  • Attacker provides invalid address to a memory-reading function, causing a mutex to be unlocked twice

• CVE-2010-4210
  • function in OS kernel unlocks a mutex that was not previously locked, causing a panic or overwrite of arbitrary memory.

• CVE-2008-4302
  • Chain: OS kernel does not properly handle a failure of a function call (CWE-755), leading to an unlock of a resource that was not locked (CWE-832), with resultant crash.

• CVE-2009-1243
  • OS kernel performs an unlock in some incorrect circumstances, leading to panic.

• CVE-2009-2857
  • OS deadlock

• CVE-2009-1961
  • OS deadlock involving 3 separate functions

• CVE-2009-2699
  • deadlock in library

• CVE-2009-4272
  • deadlock triggered by packets that force collisions in a routing table

• CVE-2002-1850
  • read/write deadlock between web server and script

• CVE-2004-0174
  • web server deadlock involving multiple listening connections

• CVE-2009-1388
  • multiple simultaneous calls to the same function trigger deadlock.

• CVE-2006-5158
  • chain: other weakness leads to NULL pointer dereference (CWE-476) or deadlock (CWE-833).

• CVE-2006-4342
  • deadlock when an operation is performed on a resource while it is being removed.

• CVE-2006-2374
  • Deadlock in device driver triggered by using file handle of a related device.

• CVE-2006-2275
  • Deadlock when large number of small messages cannot be processed quickly enough.

• CVE-2005-3847
  • OS kernel has deadlock triggered by a signal during a core dump.

• CVE-2005-3106
  • Race condition leads to deadlock.

• CVE-2005-2456
  • Chain: array index error (CWE-129) leads to deadlock (CWE-833)

• CVE-2001-0682
  • Program can not execute when attacker obtains a mutex.

• CVE-2002-1914
  • Program can not execute when attacker obtains a lock on a critical output file.

• CVE-2002-1915
  • Program can not execute when attacker obtains a lock on a critical output file.

• CVE-2002-0051
  • Critical file can be opened with exclusive read access by user, preventing application of security policy. Possibly related to improper permissions, large-window race condition.

• CVE-2000-0338
  • Chain: predictable file names used for locking, allowing attacker to create the lock beforehand. Resultant from permissions and randomness.

• CVE-2000-1198
  • Chain: Lock files with predictable names. Resultant from randomness.

• CVE-2002-1869
  • Product does not check if it can write to a log file, allowing attackers to avoid logging by accessing the file using an exclusive lock. Overlaps unchecked error condition. This is not quite CWE-412, but close.