CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE CATEGORY: Signal Errors

Category ID: 387
Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the improper handling of signals.
+ Applicable Platforms

Languages

C

C++

+ Observed Examples
ReferenceDescription
unhandled SIGSERV signal allows core dump
SIGABRT (abort) signal not properly handled, causing core dump.
Remote attackers cause a crash using early connection termination, which generates SIGPIPE signal.
Library does not handle a SIGPIPE signal when a server becomes available during a search query. Overlaps unchecked error condition?
SIGUSR1 can be sent as root from non-root process.
Kernel does not prevent users from sending SIGIO signal, which causes crash in applications that do not handle it. Overlaps privileges.
Script sends wrong signal to a process and kills it.
Interruption of operation causes signal to be handled incorrectly, leading to crash.
Shared signal handlers not cleared when executing a process. Overlaps initialization error.
Privileged process does not properly signal unprivileged process after session termination, leading to connection consumption.
SIGCHLD signal to FTP server can cause crash under heavy load while executing non-reentrant functions like malloc/free. Possibly signal handler race condition?
Certain signals implemented with unsafe library calls.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory361Time and State
Development Concepts (primary)699
ChildOfCategoryCategory634Weaknesses that Affect System Processes
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base364Signal Handler Race Condition
Development Concepts699
+ Affected Resources
  • System Process
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERSignal Errors
+ Maintenance Notes

Several sub-categories could exist, but this needs more study. Some sub-categories might be unhandled signals, untrusted signals, and sending the wrong signals.

+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Applicable_Platforms, Description, Maintenance_Notes, Relationships, Observed_Example, Other_Notes, Taxonomy_Mappings, Type
2009-07-27CWE Content TeamMITREInternal
updated Observed_Examples
2009-12-28CWE Content TeamMITREInternal
updated Other_Notes

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017