337 – Make critical logic flows thread safe

Summary

Critical and high-value business logic flows must be thread safe and resistant to time-of-check and time-of-use (TOCTOU) race conditions.

Description

A race condition occurs when a code sequence requires exclusive access to a resource but another code sequence can modify the same resource before the first one has released it. This can have security implications if it occurs during high-value business logic flows, such as authentication, authorization and session management. Therefore, threads and concurrent processes must be managed carefully in order to prevent race conditions from arising.

Supported In

Advanced: True

References

• CAPEC-25. Forced deadlock
• CAPEC-26. Leveraging race conditions
• CAPEC-27. Leveraging race conditions via symbolic links
• CAPEC-29. Leveraging time-of-check and time-of-use (TOCTOU) race conditions
• CAPEC-30. Hijacking a privileged thread of execution
• CAPEC-124. Shared resource manipulation
• CAPEC-233. Privilege escalation
• CWE-362. Concurrent execution using shared resource with improper synchronization ("race condition")
• CWE-367. Time-of-check time-of-use (TOCTOU) race condition
• AGILE-9. Continuous attention to technical excellence and good design
• CERTC-CON38-C. Preserve thread safety and liveness when using condition variables
• CERTJ-TSM00-J. Do not override thread-safe methods with methods that are not thread-safe
• MITRE-M1013. Application developer guidance
• MITRE-M1025. Privileged process integrity
• WASC-W_40. Insufficient process validation
• OWASPSCP-14. General coding practices
• CWE25-362. Concurrent execution using shared resource with improper synchronization (Race condition)
• ASVS-11_1_1. Business logic security
• SIG-L_2_1. Compliance
• SANS25-21. Concurrent execution using shared resource with improper synchronization (Race condition)
• CASA-1_11_3. Communications Architecture
• NIST-ID_AM-03. Representations of the organization’s authorized network communication and internal and external network data flows are maintained

Weaknesses

• 124 – Race condition
• 443 – Insecure service configuration - Business logic

Last updated

2024/03/05