Concurrency Issues
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to concurrent use of shared resources.
Weaknesses
A product performs a series of non-atomic actions to switch between contexts that cross privilege or other security boundaries, but a race condition allows an attacker...
The product contains an empty synchronized block.
The product utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource.
The code contains a function or method that operates in a multi-threaded environment but owns an unsafe non-final static storable or member d...
The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.
The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors.
The product checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the acce...
If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution...
The product uses a signal handler that introduces a race condition.
A constant symbolic reference to an object is used, even though the reference can resolve to a different object over time.
The code has a synchronous call to a remote resource, but there is no timeout for the call, or the timeout is set to infinite.
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the ...
The product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes.
The product calls a non-reentrant function in a concurrent context in which a competing code sequence (e.g. thread or signal handler) may have an opportunity to call t...
Concepts
This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development l...
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.