CWE-833 (Deadlock) — Vulnerability Class 17

17 vulnerabilities classified as CWE-833 (Deadlock). AI Chinese analysis included.

CWE-833 is a concurrency weakness in which multiple threads or executable segments become permanently blocked because each waits for a lock held by another, creating a circular dependency. The condition typically arises not through external exploitation but as an unintended consequence of poor synchronization logic, and it leads to application hangs or denial of service. Attackers may leverage it indirectly by triggering specific race conditions that force the system into the deadlocked state, disrupting service availability. To prevent such vulnerabilities, developers must implement strict lock ordering, ensuring that all threads acquire resources in a consistent global sequence. Timeouts on lock acquisition, non-blocking lock attempts, and higher-level concurrency abstractions further reduce the risk. Rigorous testing under high-concurrency scenarios is also essential to identify and resolve potential circular dependencies before deployment.

MITRE CWE Description

The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.

Common Consequences (1)

Scope: Availability
Impact: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Other), DoS: Crash, Exit, or Restart

Each thread of execution will "hang" and prevent tasks from completing. In some cases, CPU consumption may occur if a lock check occurs in a tight loop.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33904 | Ella Core has a Denial of Service via SCTP connection cleanup deadlock — core | 6.5 | Medium | 2026-03-27 |
| CVE-2025-10150 | Webserver crash caused by scanning on TCP port 80 — smartLink HW-PN | 7.5 (AI) | High (AI) | 2025-10-28 |
| CVE-2025-59463 | Denial-of-service (DoS) via chunk size mismatch — TLOC100-100 all Firmware versions | 4.3 | Medium | 2025-10-27 |
| CVE-2025-8312 | Devolutions Server security vulnerability — Server | 8.1 (AI) | High (AI) | 2025-07-30 |
| CVE-2025-36010 | IBM Db2 for Linux denial of service — Db2 | 6.5 | Medium | 2025-07-29 |
| CVE-2024-29172 | Dell BSAFE security vulnerability — Dell BSAFE SSL-J | 5.9 | Medium | 2025-02-12 |
| CVE-2025-21313 | Windows Security Account Manager (SAM) Denial of Service Vulnerability — Windows 11 Version 24H2 | 6.5 | Medium | 2025-01-14 |
| CVE-2024-8447 | Narayana: deadlock via multiple join requests sent to lra coordinator | 5.9 | Medium | 2025-01-02 |
| CVE-2024-47506 | Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash — Junos OS | 5.9 | Medium | 2024-10-11 |
| CVE-2024-0641 | Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke | 5.5 | Medium | 2024-01-17 |
| CVE-2024-0639 | Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos | 5.5 | Medium | 2024-01-17 |
| CVE-2023-42441 | Vyper has incorrect re-entrancy lock when key is empty string — vyper | 5.3 | Medium | 2023-09-18 |
| CVE-2023-0160 | Possibility of deadlock in libbpf function sock_hash_delete_elem — kernel | 4.7 | Medium | 2023-07-18 |
| CVE-2023-3436 | Deadlock in Xpdf 4.04 due to PDF object stream references — Xpdf | 3.3 | Low | 2023-06-27 |
| CVE-2022-43767 | Siemens SIMATIC CP443-1 OPC UA9 security vulnerability — SIMATIC CP 1242-7 V2 | 7.5 | High | 2023-04-11 |
| CVE-2022-4269 | Linux kernel security vulnerability — Linux kernel (TC subsystem) | 5.5 | - | 2022-12-05 |
| CVE-2021-1622 | Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Service Denial of Service Vulnerability — Cisco IOS XE Software | 8.6 | High | 2021-09-23 |

17 CVEs are classified as CWE-833 (Deadlock). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.