The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.
|
|
| ID | CAPEC-25 |
| Latest Sync Date | 11/05/25 15:15:38 |
| Original ID | 25 |
| Abstraction | Meta |
| Status | Stable |
| Alternate Terms | |
| Likelihood Of Attack | Low |
| Typical Severity | High |
| Related Attack Patterns | |
| Execution Flow | ::STEP:1:PHASE:Explore:DESCRIPTION:The adversary initiates an exploratory phase to get familiar with the system.::STEP:2:PHASE:Explore:DESCRIPTION:The adversary triggers a first action (such as holding a resource) and initiates a second action which will wait for the first one to finish.::STEP:3:PHASE:Explore:DESCRIPTION:If the target program has a deadlock condition, the program waits indefinitely resulting in a denial of service.:: |
| Prerequisites | ::The target host has a deadlock condition. There are four conditions for a deadlock to occur, known as the Coffman conditions. [REF-101]::The target host exposes an API to the user.:: |
| Skills Required | ::SKILL:This type of attack may be sophisticated and require knowledge about the system's resources and APIs.:LEVEL:Medium:: |
| Resources Required | |
| Indicators | |
| Consequences | ::SCOPE:Availability:TECHNICAL IMPACT:Resource Consumption:NOTE:A successful forced deadlock attack compromises the availability of the system by exhausting its available resources.:: |
| Mitigations | ::Use known algorithm to avoid deadlock condition (for instance non-blocking synchronization algorithms).::For competing actions, use well-known libraries which implement synchronization.:: |
| Example Instances | ::An example of a deadlock which may occur in database products is the following. Client applications using the database may require exclusive access to a table, and in order to gain exclusive access they ask for a lock. If one client application holds a lock on a table and attempts to obtain the lock on a second table that is already held by a second client application, this may lead to deadlock if the second application then attempts to obtain the lock that is held by the first application (Source: Wikipedia, http://en.wikipedia.org/wiki/Deadlock):: |
| Related Weaknesses | ::412::567::662::667::833::1322:: |
| Taxonomy Mappings | TAXONOMY NAME:ATTACK:ENTRY ID:1499.004:ENTRY NAME:Endpoint Denial of Service: Application or System Exploitation:: |
| Notes | |