---
name: cwe-833-deadlock
description: Use this skill when you need to remediate CWE-833 (Deadlock) vulnerabilities in Java code. Triggers on SAST findings, security reviews, or when fixing deadlock issues.
version: 1.0.0
license: MIT
tags:
  - security
  - java
  - cwe-833
  - remediation
  - sast
---
# CWE-833 Deadlock

## Description

Deadlock: two or more threads each hold a lock that another thread needs and wait for each other indefinitely, so none of them can make progress.

Reference: https://cwe.mitre.org/data/definitions/833.html

OWASP Category: A04:2021 – Insecure Design
## Vulnerable Pattern

### ❌ Example 1: Vulnerable Pattern

```java
// VULNERABLE: Potential deadlock - different lock ordering
public void transferMoney(Account from, Account to, int amount) {
    // Locks are taken in parameter order, so the order depends on the caller.
    synchronized (from) {
        synchronized (to) {
            from.withdraw(amount);
            to.deposit(amount);
        }
    }
}
```

**Why it's vulnerable:** The locks are acquired in the order the caller passes the accounts. If thread 1 calls `transferMoney(a, b, ...)` while thread 2 calls `transferMoney(b, a, ...)`, thread 1 holds `a` and waits for `b` while thread 2 holds `b` and waits for `a`. Neither can proceed, and the transfer (and any request behind it) hangs forever; an attacker who can trigger two opposite transfers concurrently can use this for denial of service.
## Deterministic Fix

### ✅ Secure Implementation

```java
// SECURE: Consistent lock ordering
public void transferMoney(Account from, Account to, int amount) {
    // Always lock the account with the smaller id first, regardless of
    // which one is the source and which one is the destination.
    Account first = from.getId() < to.getId() ? from : to;
    Account second = from.getId() < to.getId() ? to : from;
    synchronized (first) {
        synchronized (second) {
            from.withdraw(amount);
            to.deposit(amount);
        }
    }
}
```

**Why it's secure:** Every thread acquires the two locks in the same global order (by account id), so no thread can hold the higher-id lock while waiting for the lower-id one. The circular wait that deadlock requires cannot form. If `from` and `to` are the same account, both variables refer to the same object and the nested `synchronized` simply re-enters a lock the thread already holds, which Java monitors allow.
## Detection Pattern

Look for these patterns in your codebase (this is a coarse filter; confirm each hit by checking whether the inner lock can be acquired in a different order elsewhere):

```bash
# Find nested synchronized
grep -rn -A10 "synchronized.*{" --include="*.java" . | grep "synchronized"
```
## Remediation Steps

1. Always acquire locks in a consistent order
2. Use `Lock.tryLock()` with a timeout
3. Consider lock-free data structures
4. Use higher-level concurrency utilities
## Key Imports

```java
import java.util.concurrent.locks.Lock;
```
## Verification

After remediation:

1. Run the SAST scanner to confirm the vulnerability is resolved
2. Review all instances of the vulnerable pattern
3. Add unit tests that verify the secure implementation
4. Check for similar patterns in related code
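The following is an added example, not part of the original skill, that combines remediation steps 1 and 2 (ordered locking plus a bounded `tryLock`) and verification step 3 (a concurrent test of the secure implementation). It swaps the page's `synchronized` blocks for `ReentrantLock` so that a timeout can be applied. The `Account` class, the `TransferTimeoutException`, and the `transferMoney` signature with a `timeoutMs` parameter are all constructed for this example and are not from the page or any project.

```java
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;

public class TransferDemo {

    // Minimal account for this example (constructed; not the page's Account class).
    static final class Account {
        private final long id;
        private long balance;
        final Lock lock = new ReentrantLock();

        Account(long id, long balance) { this.id = id; this.balance = balance; }
        long getId() { return id; }
        long getBalance() { return balance; }
        void withdraw(long amount) { balance -= amount; }
        void deposit(long amount) { balance += amount; }
    }

    // Hypothetical exception type: signals that a lock could not be obtained in time.
    static final class TransferTimeoutException extends RuntimeException {
        TransferTimeoutException(String msg) { super(msg); }
    }

    // Step 1: lock in global id order. Step 2: bound each wait with tryLock so a
    // thread never blocks forever; on timeout it releases what it holds and fails,
    // which lets the caller retry or report instead of hanging.
    static void transferMoney(Account from, Account to, long amount, long timeoutMs)
            throws InterruptedException {
        if (from == to) throw new IllegalArgumentException("same account");
        Account first  = from.getId() < to.getId() ? from : to;
        Account second = from.getId() < to.getId() ? to : from;

        if (!first.lock.tryLock(timeoutMs, TimeUnit.MILLISECONDS)) {
            throw new TransferTimeoutException("could not lock account " + first.getId());
        }
        try {
            if (!second.lock.tryLock(timeoutMs, TimeUnit.MILLISECONDS)) {
                throw new TransferTimeoutException("could not lock account " + second.getId());
            }
            try {
                if (from.getBalance() < amount) throw new IllegalStateException("insufficient funds");
                from.withdraw(amount);
                to.deposit(amount);
            } finally {
                second.lock.unlock();
            }
        } finally {
            first.lock.unlock();
        }
    }

    // Verification: two threads transfer in opposite directions many times. With the
    // vulnerable caller-order locking this arrangement can hang; with ordered locking
    // it completes within the deadline and the total amount of money is conserved.
    public static void main(String[] args) throws Exception {
        Account a = new Account(1, 10_000);
        Account b = new Account(2, 10_000);
        int iterations = 10_000;
        ExecutorService pool = Executors.newFixedThreadPool(2);
        Future<?> f1 = pool.submit(() -> {
            for (int i = 0; i < iterations; i++) transferMoney(a, b, 1, 1_000);
            return null;
        });
        Future<?> f2 = pool.submit(() -> {
            for (int i = 0; i < iterations; i++) transferMoney(b, a, 1, 1_000);
            return null;
        });
        // get() with a deadline surfaces both exceptions and a hang as a test failure.
        f1.get(30, TimeUnit.SECONDS);
        f2.get(30, TimeUnit.SECONDS);
        pool.shutdown();

        long total = a.getBalance() + b.getBalance();
        if (total != 20_000) throw new AssertionError("money not conserved: " + total);
        System.out.println("ok: " + a.getBalance() + " + " + b.getBalance() + " = " + total);
    }
}
```

Run with `javac TransferDemo.java && java TransferDemo`. The same `main` body can be moved into a JUnit test method; the important properties to assert are that both futures complete before the deadline (no deadlock) and that the sum of balances is unchanged (no lost update).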
## Trigger Examples

- Fix CWE-833 vulnerability
- Resolve Deadlock issue
- Secure this Java code against deadlock
- SAST reports CWE-833
## Common Vulnerable Locations

| Layer | Files | Patterns |
|---|---|---|
| Controller | *Controller.java | User input handling |
| Service | *Service.java | Business logic |
| Repository | *Repository.java | Data access |
## References

Source: Generated by Java CWE Security Skills Generator. Last Updated: 2026-03-07