CAPEC-25 Detail

Forced Deadlock

Meta | Software | Likelihood: Low | Typical Severity: High

Threats: T264 T265 T308 T309

Description

The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.


| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-25 | capec | https://capec.mitre.org/data/definitions/25.html | |
| CWE-412 | cwe | http://cwe.mitre.org/data/definitions/412.html | |
| CWE-567 | cwe | http://cwe.mitre.org/data/definitions/567.html | |
| CWE-662 | cwe | http://cwe.mitre.org/data/definitions/662.html | |
| CWE-667 | cwe | http://cwe.mitre.org/data/definitions/667.html | |
| CWE-833 | cwe | http://cwe.mitre.org/data/definitions/833.html | |
| CWE-1322 | cwe | http://cwe.mitre.org/data/definitions/1322.html | |
| T1499.004 | ATTACK | https://attack.mitre.org/wiki/Technique/T1499/004 | Endpoint Denial of Service: Application or System Exploitation |
| REF-1 | reference_from_CAPEC | | G. Hoglund, G. McGraw, Exploiting Software: How to Break Code, 2004-02, Addison-Wesley |
| REF-101 | reference_from_CAPEC | http://en.wikipedia.org/wiki/Deadlock | Wikipedia, The Wikimedia Foundation, Inc |
| REF-609 | reference_from_CAPEC | https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/07-Testing_for_XML_Injection.html | OWASP Web Security Testing Guide, The Open Web Application Security Project (OWASP) |

Explore
  1. The adversary initiates an exploratory phase to get familiar with the system.

  2. The adversary triggers a first action (such as holding a resource) and initiates a second action which will wait for the first one to finish.

  3. If the target program has a deadlock condition, the program waits indefinitely, resulting in a denial of service.

  1. The target host has a deadlock condition. There are four conditions for a deadlock to occur, known as the Coffman conditions. [REF-101]
  2. The target host exposes an API to the user.


Medium
This type of attack may be sophisticated and require knowledge about the system's resources and APIs.
Availability
Resource Consumption (A successful forced deadlock attack compromises the availability of the system by exhausting its available resources.)
  1. An example of a deadlock which may occur in database products is the following. Client applications using the database may require exclusive access to a table, and in order to gain exclusive access they ask for a lock. If one client application holds a lock on a table and attempts to obtain the lock on a second table that is already held by a second client application, this may lead to deadlock if the second application then attempts to obtain the lock that is held by the first application. (Source: Wikipedia, http://en.wikipedia.org/wiki/Deadlock)
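
The table-lock scenario above, as an added defensive illustration that is not part of the CAPEC entry: a toy lock manager that refuses a request which would close a cycle in the wait-for graph (the circular-wait Coffman condition) instead of letting both clients block forever. `LockManager`, `replay`, and the client and table names are hypothetical, and the request sequences are constructed.

```python
class LockManager:
    """Toy exclusive table-lock manager with wait-for-graph deadlock detection."""
    def __init__(self):
        self.holder = {}   # table -> client holding its exclusive lock
        self.waiting = {}  # client -> table it is blocked on

    def _closes_cycle(self, client, table):
        # Walk: holder of table -> table that holder waits for -> its holder ...
        seen, owner = set(), self.holder.get(table)
        while owner is not None and owner not in seen:
            if owner == client:
                return True  # the chain leads back to the requester
            seen.add(owner)
            owner = self.holder.get(self.waiting.get(owner))
        return False

    def acquire(self, client, table):
        """Return 'granted', 'waiting', or 'deadlock' (request refused)."""
        owner = self.holder.get(table)
        if owner in (None, client):
            self.holder[table] = client
            self.waiting.pop(client, None)
            return "granted"
        if self._closes_cycle(client, table):
            return "deadlock"
        self.waiting[client] = table  # simplified: the waiter retries later
        return "waiting"

    def release_all(self, client):
        """Commit or roll back: drop the client's locks and pending wait."""
        self.waiting.pop(client, None)
        self.holder = {t: c for t, c in self.holder.items() if c != client}

def replay(requests):
    """Replay (client, table) requests; table=None means the client commits."""
    manager, outcomes = LockManager(), []
    for client, table in requests:
        outcome = manager.acquire(client, table) if table else "released"
        if outcome in ("deadlock", "released"):
            manager.release_all(client)  # commit, or victim rolled back
        outcomes.append(outcome)
    return outcomes

# Constructed sequences: the two client applications from the example above.
# Opposite lock order produces the circular wait; one global order does not.
OPPOSITE_ORDER = [("app1", "table_a"), ("app2", "table_b"),
                  ("app1", "table_b"), ("app2", "table_a")]
SAME_ORDER = [("app1", "table_a"), ("app2", "table_a"), ("app1", "table_b"),
              ("app1", None), ("app2", "table_a"), ("app2", "table_b")]
```

With `OPPOSITE_ORDER` the fourth request is refused and its client rolled back, so the first client can proceed; with `SAME_ORDER` the second client only waits and no cycle ever forms.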