CWE-833: Deadlock
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.
常见后果
影响范围: Availability
技术影响: DoS: Resource Consumption (CPU) DoS: Resource Consumption (Other) DoS: Crash, Exit, or Restart
说明: Each thread of execution will "hang" and prevent tasks from completing. In some cases, CPU consumption may occur if a lock check occurs in a tight loop.
观察示例
参考: CVE-1999-1476
A bug in some Intel Pentium processors allow DoS (hang) via an invalid "CMPXCHG8B" instruction, causing a deadlock
参考: CVE-2009-2857
OS deadlock
参考: CVE-2009-1961
OS deadlock involving 3 separate functions
参考: CVE-2009-2699
deadlock in library
参考: CVE-2009-4272
deadlock triggered by packets that force collisions in a routing table
参考: CVE-2002-1850
read/write deadlock between web server and script
参考: CVE-2004-0174
web server deadlock involving multiple listening connections
参考: CVE-2009-1388
multiple simultaneous calls to the same function trigger deadlock.
参考: CVE-2006-5158
chain: other weakness leads to NULL pointer dereference (CWE-476) or deadlock (CWE-833).
参考: CVE-2006-4342
deadlock when an operation is performed on a resource while it is being removed.
参考: CVE-2006-2374
Deadlock in device driver triggered by using file handle of a related device.
参考: CVE-2006-2275
Deadlock when large number of small messages cannot be processed quickly enough.
参考: CVE-2005-3847
OS kernel has deadlock triggered by a signal during a core dump.
参考: CVE-2005-3106
Race condition leads to deadlock.
参考: CVE-2005-2456
Chain: array index error (CWE-129) leads to deadlock (CWE-833)
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| The CERT Oracle Secure Coding Standard for Java (2011) | LCK08-J | Ensure actively held locks are released on exceptional conditions | - |