CWE-832

Name

Unlock of a Resource that is not Locked

Status

Incomplete

Published

2010-12-13 00:00 +00:00

Last Modified

2023-06-29 00:00 +00:00

Official links

CWE Mitre.org

Alerte pour un CWE

Stay informed of any changes for a specific CWE.

Alert management

List of Alerts

Alerte pour un CWE

Stay informed of any changes for a specific CWE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CWE ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Unlock of a Resource that is not Locked

The product attempts to unlock a resource that is not locked.

Extended Description

Depending on the locking functionality, an unlock of a non-locked resource might cause memory corruption or other modification to the resource (or its associated metadata that is used for tracking locks).

Informations

Common Consequences

Scope	Impact	Likelihood
Integrity Confidentiality Availability Other	DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands, Modify Memory, Other Note: Depending on the locking being used, an unlock operation might not have any adverse effects. When effects exist, the most common consequence will be a corruption of the state of the product, possibly leading to a crash or exit; depending on the implementation of the unlocking, memory corruption or code execution could occur.

Observed Examples

Reference	Description
CVE-2010-4210	function in OS kernel unlocks a mutex that was not previously locked, causing a panic or overwrite of arbitrary memory.
CVE-2008-4302	Chain: OS kernel does not properly handle a failure of a function call (CWE-755), leading to an unlock of a resource that was not locked (CWE-832), with resultant crash.
CVE-2009-1243	OS kernel performs an unlock in some incorrect circumstances, leading to panic.

Vulnerability Mapping Notes

Rationale : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comments : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Submission

Name	Organization	Date	Date Release	Version
CWE Content Team	MITRE	2010-12-12 +00:00	2010-12-13 +00:00	1.11

Modifications

Name	Organization	Date	Comment
CWE Content Team	MITRE	2011-06-01 +00:00	updated Common_Consequences
CWE Content Team	MITRE	2020-02-24 +00:00	updated Relationships
CWE Content Team	MITRE	2023-01-31 +00:00	updated Common_Consequences, Description
CWE Content Team	MITRE	2023-04-27 +00:00	updated Relationships
CWE Content Team	MITRE	2023-06-29 +00:00	updated Mapping_Notes

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

CWE-832

Alerte pour un CWE

Functionality requiring a connection

Unlock of a Resource that is not Locked

Extended Description

Informations

Common Consequences

Observed Examples

Vulnerability Mapping Notes

Submission

Modifications

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

CVE

OWASP

CISA KEV

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

No result found

Alert System

CWE-832 Detail

CWE-832

Alerte pour un CWE

Unlock of a Resource that is not Locked

Extended Description

Informations

Common Consequences

Observed Examples

Vulnerability Mapping Notes

Submission

Modifications