CAPEC-25: Forced Deadlock
CAPEC version: 3.9
Last updated: 2023-01-24
Attack pattern description
The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.
Execution flow
Step 1 Explore
The adversary initiates an exploratory phase to get familiar with the system.
Step 2 Explore
The adversary triggers a first action (such as holding a resource) and initiates a second action which will wait for the first one to finish.
Step 3 Explore
If the target program has a deadlock condition, the program waits indefinitely resulting in a denial of service.
Prerequisites
- The target host has a deadlock condition. There are four conditions for a deadlock to occur, known as the Coffman conditions. [REF-101]
- The target host exposes an API to the user.
Skills required
Consequences
Scope: Availability
Technical impact: Resource Consumption
Note: A successful forced deadlock attack compromises the availability of the system by exhausting its available resources.
Mitigations
Use known algorithms to avoid deadlock conditions (for instance, non-blocking synchronization algorithms).
For competing actions, use well-known libraries that implement synchronization.
Example instances
An example of a deadlock that may occur in database products is the following. Client applications using the database may require exclusive access to a table, and in order to gain exclusive access they ask for a lock. If one client application holds a lock on a table and attempts to obtain the lock on a second table that is already held by a second client application, this may lead to deadlock if the second application then attempts to obtain the lock that is held by the first application. (Source: Wikipedia, http://en.wikipedia.org/wiki/Deadlock)
Taxonomy mappings
| Taxonomy name | Entry ID | Entry name |
|---|---|---|
| ATT&CK | 1499.004 | Endpoint Denial of Service: Application or System Exploitation |