Common Attack Pattern Enumeration and Classification
A Community Resource for Identifying and Understanding Attacks
The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.
An example of a deadlock which may occur in database products is the following. Client applications using the database may require exclusive access to a table, and in order to gain exclusive access they ask for a lock. If one client application holds a lock on a table and attempts to obtain the lock on a second table that is already held by a second client application, this may lead to deadlock if the second application then attempts to obtain the lock that is held by the first application (Source: Wikipedia, http://en.wikipedia.org/wiki/Deadlock)
Skill or Knowledge Level: Medium
This type of attack may be sophisticated and require knowledge about the system's resources and APIs.
The adversary can probe by trying to hold resources and call APIs which are directly using the same resources.
The adversary may try to find actions (threads, processes) competing for the same resources.
Use known algorithm to avoid deadlock condition (for instance non-blocking synchronization algorithms).
For competing actions, use well-known libraries which implement synchronization.
[R.25.1] [REF-2] G. Hoglund and G. McGraw. "Exploiting Software: How to Break Code". Addison-Wesley. February 2004.
[R.25.2] [REF-3] "Common Weakness Enumeration (CWE)". CWE-412 - Unrestricted Critical Resource Lock. Draft. The MITRE Corporation. 2007. <http://cwe.mitre.org/data/definitions/412.html>.
More information is available — Please select a different filter.