[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CWE
view XML

Improper Synchronization

ID: 662Date: (C)2012-05-14   (M)2022-10-10
Type: weaknessStatus: DRAFT
Abstraction Type: Base





Description

The software attempts to use a shared resource in an exclusive manner, but does not prevent or incorrectly prevents use of the resource by another thread or process.

Applicable Platforms
None

Time Of Introduction

  • Architecture and Design
  • Implementation

Related Attack Patterns

Common Consequences

ScopeTechnical ImpactNotes
Integrity
Confidentiality
Other
 
Modify application data
Read application data
Alter execution logic
 
 

Detection Methods
None

Potential Mitigations

PhaseStrategyDescriptionEffectivenessNotes
Implementation
 
 Use industry standard APIs to synchronize your code.
 
  

Relationships

Related CWETypeViewChain
CWE-662 ChildOf CWE-894 Category CWE-888  

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

TaxynomyIdNameFit
CERT C Secure Coding SIG00-C
 
Mask signals handled by noninterruptible signal handlers
 
 
CERT C Secure Coding SIG31-C
 
Do not access or modify shared objects in signal handlers
 
 
CLASP  State synchronization error
 
 
CERT Java Secure Coding VNA03-J
 
Do not assume that a group of calls to independently atomic methods is atomic
 
 
CERT C++ Secure Coding SIG00-CPP
 
Mask signals handled by noninterruptible signal handlers
 
 
CERT C++ Secure Coding SIG31-CPP
 
Do not access or modify shared objects in signal handlers
 
 

References:
None

CVE    14
CVE-2016-8368
CVE-2021-0147
CVE-2021-20592
CVE-2021-25376
...

© SecPod Technologies