CWE-413
Improper Resource Locking
The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource.
Status
draft
Abstraction
base
Affected Platforms
Extended Description
When a resource is not properly locked, an attacker could modify the resource while it is being operated on by the product. This might violate the product's assumption that the resource will not change, potentially leading to unexpected behaviors.
Technical Details
Common Consequences
integrity
availability
Impacts
modify application data
DoS: instability
DoS: crash, exit, or restart
Detection Methods
automated static analysis
Potential Mitigations
Phases:
architecture and design
implementation
Descriptions:
• Use a non-conflicting privilege scheme.
• Use synchronization when locking a resource.
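The following added example (not part of the CWE entry) shows the weakness described above beside the synchronization mitigation: two workers update a shared balance, first without exclusive access and then while holding a lock. The Account class, the function names, the amounts and the barrier that holds the race window open are all constructed for illustration.

```python
import threading


class Account:
    """Shared resource (constructed): a balance updated by concurrent workers."""

    def __init__(self, balance):
        self.balance = balance
        self.lock = threading.Lock()


def withdraw_unlocked(account, amount, window):
    # Weak form: the read and the write are separate steps with no lock,
    # so another worker can change the balance in between.
    current = account.balance
    window.wait()  # constructed pause: both workers have now read the same value
    account.balance = current - amount  # overwrites the other worker's update


def withdraw_locked(account, amount):
    # Mitigated form: the whole read-modify-write runs with exclusive access.
    with account.lock:
        current = account.balance
        account.balance = current - amount


def run_pair(worker, account, amounts, *extra):
    """Run one worker thread per amount and return the final balance."""
    threads = [threading.Thread(target=worker, args=(account, a, *extra))
               for a in amounts]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return account.balance


def demo_unlocked():
    # The barrier forces the interleaving that an unlocked resource permits.
    return run_pair(withdraw_unlocked, Account(100), (30, 50), threading.Barrier(2))


def demo_locked():
    return run_pair(withdraw_locked, Account(100), (30, 50))


if __name__ == "__main__":
    print("unlocked final balance:", demo_unlocked())  # one withdrawal is lost
    print("locked final balance:  ", demo_locked())
```

In the unlocked run one withdrawal is silently lost, which is the "modify application data" integrity impact listed above; the locked run applies both.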