Unlock of a Resource that is not Locked
Incomplete Base
Structure: Simple
Description
The product attempts to unlock a resource that is not locked.
Depending on the locking functionality, an unlock of a non-locked resource might cause memory corruption or other modification to the resource (or its associated metadata that is used for tracking locks).
Common Consequences 1
Scope: IntegrityConfidentialityAvailabilityOther
Impact: DoS: Crash, Exit, or RestartExecute Unauthorized Code or CommandsModify MemoryOther
Depending on the locking being used, an unlock operation might not have any adverse effects. When effects exist, the most common consequence will be a corruption of the state of the product, possibly leading to a crash or exit; depending on the implementation of the unlocking, memory corruption or code execution could occur.
Observed Examples 3
CVE-2010-4210function in OS kernel unlocks a mutex that was not previously locked, causing a panic or overwrite of arbitrary memory.
CVE-2008-4302Chain: OS kernel does not properly handle a failure of a function call (Improper Handling of Exceptional Conditions), leading to an unlock of a resource that was not locked (Unlock of a Resource that is not Locked), with resultant crash.
CVE-2009-1243OS kernel performs an unlock in some incorrect circumstances, leading to panic.
Related Weaknesses
ChildOf:
Improper Locking (CWE-667)