CAPEC-25

Meta Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Stable MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Low Severity: High
Forced Deadlock

Description

The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.

Prerequisites

The target host has a deadlock condition. There are four conditions for a deadlock to occur, known as the Coffman conditions. [REF-101]

The target host exposes an API to the user.

Mitigations

Use known algorithm to avoid deadlock condition (for instance non-blocking synchronization algorithms).

For competing actions, use well-known libraries which implement synchronization.

Skills Required

[Medium] This type of attack may be sophisticated and require knowledge about the system's resources and APIs.