Category: Resource Locking Problems
Draft
Summary
Weaknesses in this category are related to improper handling of locks that are used to control access to resources.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-412 | Unrestricted Externally Accessible Lock | The product properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control. |
| CWE-413 | Improper Resource Locking | The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource. |
| CWE-414 | Missing Lock Check | A product does not check to see if a lock is present before performing sensitive operations on a resource. |
| CWE-609 | Double-Checked Locking | The product uses double-checked locking to access a resource without the overhead of explicit synchronization, but the locking is insufficient. |
| CWE-764 | Multiple Locks of a Critical Resource | The product locks a critical resource more times than intended, leading to an unexpected state in the system. |
| CWE-765 | Multiple Unlocks of a Critical Resource | The product unlocks a critical resource more times than intended, leading to an unexpected state in the system. |
| CWE-832 | Unlock of a Resource that is not Locked | The product attempts to unlock a resource that is not locked. |
| CWE-833 | Deadlock | The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. |
| CWE-699 | Software Development | This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development lifecycle including both architecture and implementation. Accordingly, this view can align closely with the perspectives of architects, developers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.