Signal Errors
Category ID: 387 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the improper handling of signals.
+ Applicable Platforms




+ Observed Examples
CVE-2002-2039unhandled SIGSERV signal allows core dump
CVE-1999-1224SIGABRT (abort) signal not properly handled, causing core dump.
CVE-2004-1014Remote attackers cause a crash using early connection termination, which generates SIGPIPE signal.
CVE-2005-2377Library does not handle a SIGPIPE signal when a server becomes available during a search query. Overlaps unchecked error condition?
CVE-2002-0839SIGUSR1 can be sent as root from non-root process.
CVE-1999-1441Kernel does not prevent users from sending SIGIO signal, which causes crash in applications that do not handle it. Overlaps privileges.
CVE-2000-0747Script sends wrong signal to a process and kills it.
CVE-1999-1326Interruption of operation causes signal to be handled incorrectly, leading to crash.
CVE-2001-1180Shared signal handlers not cleared when executing a process. Overlaps initialization error.
CVE-2004-2069Privileged process does not properly signal unprivileged process after session termination, leading to connection consumption.
CVE-2004-2259SIGCHLD signal to FTP server can cause crash under heavy load while executing non-reentrant functions like malloc/free. Possibly signal handler race condition?
CVE-2005-0893Certain signals implemented with unsafe library calls.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory361Time and State
Development Concepts (primary)699
ChildOfCategoryCategory634Weaknesses that Affect System Processes
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base364Signal Handler Race Condition
Development Concepts699
+ Affected Resources
  • System Process
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERSignal Errors
+ Maintenance Notes

Several sub-categories could exist, but this needs more study. Some sub-categories might be unhandled signals, untrusted signals, and sending the wrong signals.

+ Content History
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Applicable Platforms, Description, Maintenance Notes, Relationships, Observed Example, Other Notes, Taxonomy Mappings, Type
2009-07-27CWE Content TeamMITREInternal
updated Observed Examples
2009-12-28CWE Content TeamMITREInternal
updated Other Notes