Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  

CWE-832: Unlock of a Resource that is not Locked

Weakness ID: 832
Abstraction: Base
Status: Incomplete
Presentation Filter:
+ Description

Description Summary

The software attempts to unlock a resource that is not locked.

Extended Description

Depending on the locking functionality, an unlock of a non-locked resource might cause memory corruption or other modification to the resource (or its associated metadata that is used for tracking locks).

+ Common Consequences

Technical Impact: DoS: crash / exit / restart; Execute unauthorized code or commands; Modify memory; Other

Depending on the locking being used, an unlock operation might not have any adverse effects. When effects exist, the most common consequence will be a corruption of the state of the software, possibly leading to a crash or exit; depending on the implementation of the unlocking, memory corruption or code execution could occur.

+ Observed Examples
function in OS kernel unlocks a mutex that was not previously locked, causing a panic or overwrite of arbitrary memory.
Chain: OS kernel does not properly handle a failure of a function call (CWE-755), leading to an unlock of a resource that was not locked (CWE-832), with resultant crash.
OS kernel performs an unlock in some incorrect circumstances, leading to panic.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness BaseWeakness Base667Improper Locking
Development Concepts (primary)699
Research Concepts (primary)1000
+ Content History
Submission DateSubmitterOrganizationSource
2010-12-12MITREInternal CWE Team
Modification DateModifierOrganizationSource
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017