New to CAPEC? Start Here
Home > CAPEC List > CAPEC-25: Forced Deadlock (Version 3.9)  

CAPEC-25: Forced Deadlock

Attack Pattern ID: 25
Abstraction: Meta
View customized information:
+ Description
The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.
+ Likelihood Of Attack

Low

+ Typical Severity

High

+ Relationships
Section HelpThis table shows the views that this attack pattern belongs to and top level categories within that view.
+ Execution Flow
Explore
  1. The adversary initiates an exploratory phase to get familiar with the system.
  2. The adversary triggers a first action (such as holding a resource) and initiates a second action which will wait for the first one to finish.
  3. If the target program has a deadlock condition, the program waits indefinitely resulting in a denial of service.
+ Prerequisites
The target host has a deadlock condition. There are four conditions for a deadlock to occur, known as the Coffman conditions. [REF-101]
The target host exposes an API to the user.
+ Skills Required
[Level: Medium]
This type of attack may be sophisticated and require knowledge about the system's resources and APIs.
+ Consequences
Section HelpThis table specifies different individual consequences associated with the attack pattern. The Scope identifies the security property that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in their attack. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be high likelihood that a pattern will be used to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.
ScopeImpactLikelihood
Availability
Resource Consumption
+ Mitigations
Use known algorithm to avoid deadlock condition (for instance non-blocking synchronization algorithms).
For competing actions, use well-known libraries which implement synchronization.
+ Example Instances
An example of a deadlock which may occur in database products is the following. Client applications using the database may require exclusive access to a table, and in order to gain exclusive access they ask for a lock. If one client application holds a lock on a table and attempts to obtain the lock on a second table that is already held by a second client application, this may lead to deadlock if the second application then attempts to obtain the lock that is held by the first application (Source: Wikipedia, http://en.wikipedia.org/wiki/Deadlock)
+ Taxonomy Mappings
Section HelpCAPEC mappings to ATT&CK techniques leverage an inheritance model to streamline and minimize direct CAPEC/ATT&CK mappings. Inheritance of a mapping is indicated by text stating that the parent CAPEC has relevant ATT&CK mappings. Note that the ATT&CK Enterprise Framework does not use an inheritance model as part of the mapping to CAPEC.
Relevant to the ATT&CK taxonomy mapping
Entry IDEntry Name
1499.004Endpoint Denial of Service: Application or System Exploitation
+ References
[REF-1] G. Hoglund and G. McGraw. "Exploiting Software: How to Break Code". Addison-Wesley. 2004-02.
[REF-101] "Wikipedia". Deadlock. The Wikimedia Foundation, Inc. <http://en.wikipedia.org/wiki/Deadlock>.
[REF-609] "OWASP Web Security Testing Guide". Testing for XML Injection. The Open Web Application Security Project (OWASP). <https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/07-Testing_for_XML_Injection.html>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23
(Version 2.6)
CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2017-01-09
(Version 2.9)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns, Type (Relationship -> Attack_Pattern)
2017-05-01
(Version 2.10)
CAPEC Content TeamThe MITRE Corporation
Updated Activation_Zone, Attack_Motivation-Consequences, Attack_Phases, Description Summary, Injection_Vector, Payload, Payload_Activation_Impact, Probing_Techniques, Related_Weaknesses, Solutions_and_Mitigations
2018-07-31
(Version 2.12)
CAPEC Content TeamThe MITRE Corporation
Updated References, Solutions_and_Mitigations
2020-07-30
(Version 3.3)
CAPEC Content TeamThe MITRE Corporation
Updated Prerequisites
2020-12-17
(Version 3.4)
CAPEC Content TeamThe MITRE Corporation
Updated References, Related_Weaknesses
2022-09-29
(Version 3.8)
CAPEC Content TeamThe MITRE Corporation
Updated Taxonomy_Mappings
More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2018