Insufficient Synchronization
Weakness ID: 662 (Weakness Base)Status: Draft
+ Description

Description Summary

The software attempts to use a shared resource in an exclusive manner, but fails to prevent use by another thread or process.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Potential Mitigations

Use industry standard APIs to synchronize your code.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory361Time and State
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class691Insufficient Control Flow Management
Research Concepts (primary)1000
ChildOfCategoryCategory745CERT C Secure Coding Section 11 - Signals (SIG)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
CanPrecedeWeakness ClassWeakness Class362Race Condition
Development Concepts699
Research Concepts1000
ParentOfWeakness BaseWeakness Base373State Synchronization Error
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant543Use of Singleton Pattern in a Non-thread-safe Manner
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base567Unsynchronized Access to Shared Data
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base663Use of a Non-reentrant Function in an Unsynchronized Context
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base667Insufficient Locking
Development Concepts (primary)699
Research Concepts (primary)1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CERT C Secure CodingSIG00-CMask signals handled by noninterruptible signal handlers
CERT C Secure CodingSIG31-CDo not access or modify shared objects in signal handlers
+ Related Attack Patterns
CAPEC-IDAttack Pattern Name
(CAPEC Version: 1.4)
25Forced Deadlock
26Leveraging Race Conditions
27Leveraging Race Conditions via Symbolic Links
29Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Potential Mitigations, Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships
2008-10-14CWE Content TeamMITREInternal
updated Relationships
2008-11-24CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
2009-03-10CWE Content TeamMITREInternal
updated Related Attack Patterns
2009-05-27CWE Content TeamMITREInternal
updated Relationships