Common Weakness Enumeration

CWE-665

Discouraged

Improper Initialization

Abstraction: Class · Status: Draft

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

425 vulnerabilities reference this CWE, most recent first.

GHSA-6C6R-R3R9-H62J

Vulnerability from github – Published: 2024-02-06 09:31 – Updated: 2024-02-06 09:31
VLAI
Details

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4503"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-06T09:15:52Z",
    "severity": "MODERATE"
  },
  "details": "An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.",
  "id": "GHSA-6c6r-r3r9-h62j",
  "modified": "2024-02-06T09:31:38Z",
  "published": "2024-02-06T09:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4503"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2023:7637"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2023:7638"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2023:7639"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2023:7641"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2023-4503"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184751"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FQ2-2MW9-3J26

Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23
VLAI
Details

drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2010-4343"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-12-29T18:00:00Z",
    "severity": "MODERATE"
  },
  "details": "drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.",
  "id": "GHSA-6fq2-2mw9-3j26",
  "modified": "2022-05-13T01:23:33Z",
  "published": "2022-05-13T01:23:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4343"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=661182"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7873ca4e4401f0ecd8868bf1543113467e6bae61"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7873ca4e4401f0ecd8868bf1543113467e6bae61"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42884"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/46397"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2010/12/08/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2010/12/09/15"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/45262"
    },
    {
      "type": "WEB",
      "url": "http://www.spinics.net/lists/linux-scsi/msg43772.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6GFX-CX3G-JX7C

Vulnerability from github – Published: 2024-07-05 09:33 – Updated: 2024-07-08 18:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

media: v4l: async: Properly re-initialise notifier entry in unregister

The notifier_entry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use list_del_init() to return the notifier_entry an empty list.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39485"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-05T07:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l: async: Properly re-initialise notifier entry in unregister\n\nThe notifier_entry of a notifier is not re-initialised after unregistering\nthe notifier. This leads to dangling pointers being left there so use\nlist_del_init() to return the notifier_entry an empty list.",
  "id": "GHSA-6gfx-cx3g-jx7c",
  "modified": "2024-07-08T18:31:16Z",
  "published": "2024-07-05T09:33:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39485"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1aa6cd4adfc0380fa1ccc2f146848940ff882a66"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/87100b09246202a91fce4a1562955c32229173bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9537a8425a7a0222999d5839a0b394b1e8834b4a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6J77-RPRV-M39J

Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42
VLAI
Details

Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill cat /pathname/nagios.lock" command.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-12847"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-23T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a \"kill `cat /pathname/nagios.lock`\" command.",
  "id": "GHSA-6j77-rprv-m39j",
  "modified": "2022-05-13T01:42:46Z",
  "published": "2022-05-13T01:42:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12847"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NagiosEnterprises/nagioscore/issues/404"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NagiosEnterprises/nagioscore/commit/1b197346d490df2e2d3b1dcce5ac6134ad0c8752"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NagiosEnterprises/nagioscore/commit/3baffa78bafebbbdf9f448890ba5a952ea2d73cb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NagiosEnterprises/nagioscore/blob/master/Changelog"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201710-20"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/100403"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6JJ2-4Q5C-X8G6

Vulnerability from github – Published: 2026-06-19 20:46 – Updated: 2026-06-19 20:46
VLAI
Summary
CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance
Details

Impact

CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic. NetNamedPipe creates a shared memory object based on the listening url, then generated a unique GUID for the named pipe it will be using and saves this to the shared memory object. Then it creates the named pipe to listen for clients. This requires an attacker to race the service and create the named pipe between the service publishing the GUID to the shared memory location (which the attacker needs to read) and the service creating the named pipe itself.

Patches

Fixed in CoreWCF v1.8.1 and v1.9.1

Workarounds

None

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "CoreWCF.NetNamedPipe"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "CoreWCF.NetNamedPipe"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.9.0"
            },
            {
              "fixed": "1.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-54777"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-367",
      "CWE-665"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-19T20:46:55Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\nCoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic. NetNamedPipe creates a shared memory object based on the listening url, then generated a unique GUID for the named pipe it will be using and saves this to the shared memory object. Then it creates the named pipe to listen for clients. This requires an attacker to race the service and create the named pipe between the service publishing the GUID to the shared memory location (which the attacker needs to read) and the service creating the named pipe itself.\n\n### Patches\nFixed in CoreWCF v1.8.1 and v1.9.1\n\n### Workarounds\nNone",
  "id": "GHSA-6jj2-4q5c-x8g6",
  "modified": "2026-06-19T20:46:55Z",
  "published": "2026-06-19T20:46:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/CoreWCF/CoreWCF/security/advisories/GHSA-6jj2-4q5c-x8g6"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/CoreWCF/CoreWCF"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance"
}

GHSA-6MFV-842H-V848

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33
VLAI
Details

In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-157650336

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-0450"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-10T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-157650336",
  "id": "GHSA-6mfv-842h-v848",
  "modified": "2022-05-24T17:33:27Z",
  "published": "2022-05-24T17:33:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0450"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2020-11-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6QW3-W6WV-8FGG

Vulnerability from github – Published: 2023-10-29 09:30 – Updated: 2023-11-08 03:30
VLAI
Details

When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-33638"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-29T08:15:20Z",
    "severity": "MODERATE"
  },
  "details": "\nWhen the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container.\n\n",
  "id": "GHSA-6qw3-w6wv-8fgg",
  "modified": "2023-11-08T03:30:32Z",
  "published": "2023-10-29T09:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33638"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/src-openeuler/iSulad/pulls/600/files"
    },
    {
      "type": "WEB",
      "url": "https://gitee.com/src-openeuler/iSulad/pulls/627/files"
    },
    {
      "type": "WEB",
      "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6RMW-4VW4-4Q4G

Vulnerability from github – Published: 2022-05-13 01:18 – Updated: 2022-05-13 01:18
VLAI
Details

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0926.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-0901"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-14T17:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka \"Windows Kernel Information Disclosure Vulnerability\". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0926.",
  "id": "GHSA-6rmw-4vw4-4q4g",
  "modified": "2022-05-13T01:18:36Z",
  "published": "2022-05-13T01:18:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0901"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0901"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/44311"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103245"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040517"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6V6P-FP4F-56P8

Vulnerability from github – Published: 2023-08-11 03:30 – Updated: 2024-04-04 06:49
VLAI
Details

Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38083"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-11T03:15:13Z",
    "severity": "MODERATE"
  },
  "details": "Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
  "id": "GHSA-6v6p-fp4f-56p8",
  "modified": "2024-04-04T06:49:51Z",
  "published": "2023-08-11T03:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38083"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230824-0001"
    },
    {
      "type": "WEB",
      "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6V9P-CXVF-8F7V

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-10-07 18:15
VLAI
Details

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-25662"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-284",
      "CWE-665"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-05T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel\u0027s Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.",
  "id": "GHSA-6v9p-cxvf-8f7v",
  "modified": "2022-10-07T18:15:55Z",
  "published": "2022-05-24T17:33:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25662"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:4685"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:4686"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2020-12352"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2020-25662"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/vulnerabilities/BleedingTooth"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891484"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25662"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, in Java, if the programmer does not explicitly initialize a variable, then the code could produce a compile-time error (if the variable is local) or automatically initialize the variable to the default value for the variable's type. In Perl, if explicit initialization is not performed, then a default value of undef is assigned, which is interpreted as 0, false, or an equivalent value depending on the context in which the variable is accessed.
Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all your variables and other data stores, either during declaration or just before the first usage.

Mitigation
Implementation

Pay close attention to complex conditionals that affect initialization, since some conditions might not perform the initialization.

Mitigation
Implementation

Avoid race conditions (CWE-362) during initialization routines.

Mitigation
Build and Compilation

Run or compile your product with settings that generate warnings about uninitialized variables or data.

CAPEC-26: Leveraging Race Conditions

The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.

CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.