Common Weakness Enumeration

CWE-833

Allowed

Deadlock

Abstraction: Base · Status: Incomplete

The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.

39 vulnerabilities reference this CWE, most recent first.

GHSA-3HG2-R75X-G69M

Vulnerability from github – Published: 2023-09-18 19:20 – Updated: 2024-11-22 20:35
VLAI
Summary
Vyper has incorrect re-entrancy lock when key is empty string
Details

Impact

Locks of the type @nonreentrant("") or @nonreentrant('') do not produce reentrancy checks at runtime.

@nonreentrant("") # unprotected
@external
def bar():
    pass

@nonreentrant("lock") # protected
@external
def foo():
    pass

Patches

Patched in #3605

Workarounds

The lock name should be a non-empty string.

References

Are there any links users can visit to find out more?

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "vyper"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.2.9"
            },
            {
              "fixed": "0.3.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-42441"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-667",
      "CWE-833"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-09-18T19:20:55Z",
    "nvd_published_at": "2023-09-18T21:16:09Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nLocks of the type `@nonreentrant(\"\")` or `@nonreentrant(\u0027\u0027)` do not produce reentrancy checks at runtime.\n\n```Vyper\n@nonreentrant(\"\") # unprotected\n@external\ndef bar():\n    pass\n\n@nonreentrant(\"lock\") # protected\n@external\ndef foo():\n    pass\n```\n### Patches\n\nPatched in #3605\n\n### Workarounds\n\nThe lock name should be a non-empty string.\n\n### References\n_Are there any links users can visit to find out more?_\n",
  "id": "GHSA-3hg2-r75x-g69m",
  "modified": "2024-11-22T20:35:07Z",
  "published": "2023-09-18T19:20:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-3hg2-r75x-g69m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42441"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vyperlang/vyper/pull/3605"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vyperlang/vyper/commit/0b740280c1e3c5528a20d47b29831948ddcc6d83"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/vyper/PYSEC-2023-305.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vyperlang/vyper"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Vyper has incorrect re-entrancy lock when key is empty string"
}

GHSA-54QX-6C6V-96W4

Vulnerability from github – Published: 2025-01-14 18:32 – Updated: 2025-01-14 18:32
VLAI
Details

Windows Security Account Manager (SAM) Denial of Service Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21313"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-14T18:15:55Z",
    "severity": "MODERATE"
  },
  "details": "Windows Security Account Manager (SAM) Denial of Service Vulnerability",
  "id": "GHSA-54qx-6c6v-96w4",
  "modified": "2025-01-14T18:32:04Z",
  "published": "2025-01-14T18:32:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21313"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21313"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5W2P-JHH5-RPR3

Vulnerability from github – Published: 2024-10-11 18:32 – Updated: 2024-10-11 18:32
VLAI
Details

A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control.

This issue affects Junos OS on SRX Series:

  • All versions before 21.3R3-S1,
  • 21.4 versions before 21.4R3,
  • 22.1 versions before 22.1R2,
  • 22.2 versions before 22.2R1-S2, 22.2R2.
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-11T16:15:12Z",
    "severity": "HIGH"
  },
  "details": "A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nWhen a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control.\n\n\n\nThis issue affects Junos OS on SRX Series:\n\n\n\n  *  All versions before 21.3R3-S1,\n  *  21.4 versions before 21.4R3,\n  *  22.1 versions before 22.1R2,\n  *  22.2 versions before 22.2R1-S2, 22.2R2.",
  "id": "GHSA-5w2p-jhh5-rpr3",
  "modified": "2024-10-11T18:32:49Z",
  "published": "2024-10-11T18:32:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47506"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA88137"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:M/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-668P-X3M7-8W6V

Vulnerability from github – Published: 2024-01-17 18:31 – Updated: 2024-01-24 21:30
VLAI
Details

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0639"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-667",
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-17T16:15:46Z",
    "severity": "MODERATE"
  },
  "details": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u2019s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
  "id": "GHSA-668p-x3m7-8w6v",
  "modified": "2024-01-24T21:30:32Z",
  "published": "2024-01-17T18:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0639"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/6feb37b3b06e9049e20dcf7e23998f92c9c5be9a"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-0639"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258754"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7WC5-9F3F-6F5R

Vulnerability from github – Published: 2025-07-30 18:31 – Updated: 2025-07-30 18:31
VLAI
Details

Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service.This issue affects the following version(s) :

  • Devolutions Server 2025.2.5.0 and earlier
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-30T16:15:29Z",
    "severity": "HIGH"
  },
  "details": "Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service.This issue affects the following version(s) :\n\n  *  \nDevolutions Server 2025.2.5.0 and earlier",
  "id": "GHSA-7wc5-9f3f-6f5r",
  "modified": "2025-07-30T18:31:36Z",
  "published": "2025-07-30T18:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8312"
    },
    {
      "type": "WEB",
      "url": "https://devolutions.net/security/advisories/DEVO-2025-0013"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8J39-C987-FRXV

Vulnerability from github – Published: 2025-10-28 09:31 – Updated: 2025-10-28 09:31
VLAI
Details

Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects

smartLink HW-PN: from 1.02 through 1.03

smartLink HW-DP: 1.31

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10150"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-28T08:15:32Z",
    "severity": "HIGH"
  },
  "details": "Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects\n\nsmartLink HW-PN: from 1.02 through 1.03\n\nsmartLink HW-DP: 1.31",
  "id": "GHSA-8j39-c987-frxv",
  "modified": "2025-10-28T09:31:54Z",
  "published": "2025-10-28T09:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10150"
    },
    {
      "type": "WEB",
      "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10150.html"
    },
    {
      "type": "WEB",
      "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10150.json"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-9H59-P45G-445H

Vulnerability from github – Published: 2026-03-26 22:13 – Updated: 2026-03-27 21:51
VLAI
Summary
Ella Core has a Denial of Service via SCTP connection cleanup deadlock
Details

Summary

A deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted.

Impact

An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denial of service for all subscribers.

Fix

Add deferred Radio cleanup in serveConn SCTP server so that every connection exit path removes the radio. Remove the stale-entry scan from SCTP Notification handling.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ellanetworks/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.7.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33904"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-26T22:13:33Z",
    "nvd_published_at": "2026-03-27T21:17:26Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nA deadlock in the AMF\u0027s SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. \n\n## Impact\n\nAn attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denial of service for all subscribers.\n\n## Fix\n\nAdd deferred Radio cleanup in serveConn SCTP server so that every connection exit path removes the radio. Remove the stale-entry scan from SCTP Notification handling.",
  "id": "GHSA-9h59-p45g-445h",
  "modified": "2026-03-27T21:51:35Z",
  "published": "2026-03-26T22:13:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ellanetworks/core/security/advisories/GHSA-9h59-p45g-445h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33904"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ellanetworks/core/commit/999f606c5cae261471d9e3f063d7ecd1bd754076"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ellanetworks/core"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ellanetworks/core/releases/tag/v1.7.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Ella Core has a Denial of Service via SCTP connection cleanup deadlock "
}

GHSA-F886-X4W4-9RWJ

Vulnerability from github – Published: 2023-04-24 06:31 – Updated: 2024-03-25 03:31
VLAI
Details

An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-31084"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-24T06:15:07Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(\u0026fepriv-\u003esem) is called. However, wait_event_interruptible would put the process to sleep, and down(\u0026fepriv-\u003esem) may block the process.",
  "id": "GHSA-f886-x4w4-9rwj",
  "modified": "2024-03-25T03:31:44Z",
  "published": "2023-04-24T06:31:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31084"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b8c75e4a1b325ea0a9433fa8834be97b5836b946"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HIEOLEOURP4BJZMIL7UGGPYRRB44UDN"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AOATNX5UFL7V7W2QDIQKOHFFHYKWFP4W"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HIEOLEOURP4BJZMIL7UGGPYRRB44UDN"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AOATNX5UFL7V7W2QDIQKOHFFHYKWFP4W"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/all/CA+UBctCu7fXn4q41O_3=id1+OdyQ85tZY1x+TkT-6OVBL6KAUw%40mail.gmail.com"
    },
    {
      "type": "WEB",
      "url": "https://lore.kernel.org/all/CA+UBctCu7fXn4q41O_3=id1+OdyQ85tZY1x+TkT-6OVBL6KAUw@mail.gmail.com"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230929-0003"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5448"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5480"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H63J-VF47-M3CH

Vulnerability from github – Published: 2025-07-17 15:32 – Updated: 2025-07-17 15:32
VLAI
Details

When setting up interrupt remapping for legacy PCI(-X) devices, including PCI(-X) bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-1713"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-17T14:15:30Z",
    "severity": "HIGH"
  },
  "details": "When setting up interrupt remapping for legacy PCI(-X) devices,\nincluding PCI(-X) bridges, a lookup of the upstream bridge is required.\nThis lookup, itself involving acquiring of a lock, is done in a context\nwhere acquiring that lock is unsafe.  This can lead to a deadlock.",
  "id": "GHSA-h63j-vf47-m3ch",
  "modified": "2025-07-17T15:32:15Z",
  "published": "2025-07-17T15:32:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1713"
    },
    {
      "type": "WEB",
      "url": "https://xenbits.xenproject.org/xsa/advisory-467.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/02/27/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/02/27/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/02/28/1"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-467.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H65W-P466-MPMX

Vulnerability from github – Published: 2026-05-28 21:32 – Updated: 2026-05-28 21:32
VLAI
Details

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-47334"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-833"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T19:16:42Z",
    "severity": "MODERATE"
  },
  "details": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.",
  "id": "GHSA-h65w-p466-mpmx",
  "modified": "2026-05-28T21:32:02Z",
  "published": "2026-05-28T21:32:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47334"
    },
    {
      "type": "WEB",
      "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/commit/?id=f0e73aec23d13a9877fba096b1c2fd19f66e5313"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

CAPEC-25: Forced Deadlock

The adversary triggers and exploits a deadlock condition in the target software to cause a denial of service. A deadlock can occur when two or more competing actions are waiting for each other to finish, and thus neither ever does. Deadlock conditions can be difficult to detect.