diff --git a/typo3/sysext/core/Classes/FormProtection/AbstractFormProtection.php b/typo3/sysext/core/Classes/FormProtection/AbstractFormProtection.php
index 5e7d06cb29d9ea83b21ac9bff2122a7413a3738f..4226c9c585262e54642aeafa368c8aed60efcaf0 100644
--- a/typo3/sysext/core/Classes/FormProtection/AbstractFormProtection.php
+++ b/typo3/sysext/core/Classes/FormProtection/AbstractFormProtection.php
@@ -16,6 +16,7 @@
 namespace TYPO3\CMS\Core\FormProtection;
 
 use TYPO3\CMS\Core\Crypto\Random;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
 /**
@@ -27,6 +28,8 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 abstract class AbstractFormProtection
 {
+    use BlockSerializationTrait;
+
     /**
      * @var \Closure
      */
diff --git a/typo3/sysext/core/Classes/Locking/FileLockStrategy.php b/typo3/sysext/core/Classes/Locking/FileLockStrategy.php
index dffa514e08b656a3a86dcb8d64f1e3912a5fa0f3..5ce26c230bb764a5a8d961bd5fabb13ef7b9b5ce 100644
--- a/typo3/sysext/core/Classes/Locking/FileLockStrategy.php
+++ b/typo3/sysext/core/Classes/Locking/FileLockStrategy.php
@@ -19,6 +19,7 @@ use TYPO3\CMS\Core\Core\Environment;
 use TYPO3\CMS\Core\Locking\Exception\LockAcquireException;
 use TYPO3\CMS\Core\Locking\Exception\LockAcquireWouldBlockException;
 use TYPO3\CMS\Core\Locking\Exception\LockCreateException;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
 /**
@@ -26,8 +27,9 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class FileLockStrategy implements LockingStrategyInterface
 {
-    const FILE_LOCK_FOLDER = 'lock/';
+    use BlockSerializationTrait;
 
+    const FILE_LOCK_FOLDER = 'lock/';
     const DEFAULT_PRIORITY = 75;
 
     /**
diff --git a/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php b/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php
index e0af62d44cee0b5eed82bf931edf7ca30e6bb6fc..ae5c42b378ab174b357c015a2bcf67a9e358b99f 100644
--- a/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php
+++ b/typo3/sysext/core/Classes/Locking/SemaphoreLockStrategy.php
@@ -18,6 +18,7 @@ namespace TYPO3\CMS\Core\Locking;
 use TYPO3\CMS\Core\Core\Environment;
 use TYPO3\CMS\Core\Locking\Exception\LockAcquireException;
 use TYPO3\CMS\Core\Locking\Exception\LockCreateException;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
 /**
@@ -25,8 +26,9 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class SemaphoreLockStrategy implements LockingStrategyInterface
 {
-    const FILE_LOCK_FOLDER = 'lock/';
+    use BlockSerializationTrait;
 
+    const FILE_LOCK_FOLDER = 'lock/';
     const DEFAULT_PRIORITY = 25;
 
     /**
diff --git a/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php b/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php
index 892b2f361a0266c04553fcf31cec2aa0a289eb25..374a607225536ef263f51052945b9165b94295da 100644
--- a/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php
+++ b/typo3/sysext/core/Classes/Locking/SimpleLockStrategy.php
@@ -18,6 +18,7 @@ namespace TYPO3\CMS\Core\Locking;
 use TYPO3\CMS\Core\Core\Environment;
 use TYPO3\CMS\Core\Locking\Exception\LockAcquireWouldBlockException;
 use TYPO3\CMS\Core\Locking\Exception\LockCreateException;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
 /**
@@ -25,8 +26,9 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class SimpleLockStrategy implements LockingStrategyInterface
 {
-    const FILE_LOCK_FOLDER = 'lock/';
+    use BlockSerializationTrait;
 
+    const FILE_LOCK_FOLDER = 'lock/';
     const DEFAULT_PRIORITY = 50;
 
     /**
diff --git a/typo3/sysext/core/Classes/Log/Writer/AbstractWriter.php b/typo3/sysext/core/Classes/Log/Writer/AbstractWriter.php
index 9a93a56ff30d9f7331e446648e3735b43fab72ee..c8c38c13728694ad7c987a088956eece4be03a79 100644
--- a/typo3/sysext/core/Classes/Log/Writer/AbstractWriter.php
+++ b/typo3/sysext/core/Classes/Log/Writer/AbstractWriter.php
@@ -16,12 +16,15 @@
 namespace TYPO3\CMS\Core\Log\Writer;
 
 use TYPO3\CMS\Core\Log\Exception\InvalidLogWriterConfigurationException;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 
 /**
  * Abstract implementation of a log writer
  */
 abstract class AbstractWriter implements WriterInterface
 {
+    use BlockSerializationTrait;
+
     /**
      * Constructs this log writer
      *
diff --git a/typo3/sysext/core/Classes/Mail/MemorySpool.php b/typo3/sysext/core/Classes/Mail/MemorySpool.php
index ef85b4cc90eff15ff43cb33c803844f31f5059bf..057481d3a72f55972367ad0f9e0d3f11d58c65b7 100644
--- a/typo3/sysext/core/Classes/Mail/MemorySpool.php
+++ b/typo3/sysext/core/Classes/Mail/MemorySpool.php
@@ -23,6 +23,7 @@ use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
 use Symfony\Component\Mailer\SentMessage;
 use Symfony\Component\Mailer\Transport\AbstractTransport;
 use Symfony\Component\Mailer\Transport\TransportInterface;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\SingletonInterface;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 
@@ -38,6 +39,7 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 class MemorySpool extends AbstractTransport implements SingletonInterface, LoggerAwareInterface, DelayedTransportInterface
 {
+    use BlockSerializationTrait;
     use LoggerAwareTrait;
 
     /**
diff --git a/typo3/sysext/core/Classes/Security/BlockSerializationTrait.php b/typo3/sysext/core/Classes/Security/BlockSerializationTrait.php
new file mode 100644
index 0000000000000000000000000000000000000000..f4e39740a34119ae45091298a05fac549291a7a6
--- /dev/null
+++ b/typo3/sysext/core/Classes/Security/BlockSerializationTrait.php
@@ -0,0 +1,40 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+namespace TYPO3\CMS\Core\Security;
+
+/**
+ * Blocks object being using in `serialize()` and `unserialize()` invocations.
+ */
+trait BlockSerializationTrait
+{
+    /**
+     * Deny object serialization.
+     */
+    public function __sleep()
+    {
+        throw new \BadMethodCallException('Cannot serialize ' . __CLASS__, 1588784141);
+    }
+
+    /**
+     * Deny object deserialization.
+     */
+    public function __wakeup()
+    {
+        throw new \BadMethodCallException('Cannot unserialize ' . __CLASS__, 1588784142);
+    }
+}
diff --git a/typo3/sysext/core/Classes/Service/AbstractService.php b/typo3/sysext/core/Classes/Service/AbstractService.php
index db0b88f211133f515af3f15b8b4d36d3ad812760..0f89c57c668e1cc43070af05a8d50cdd3cb1ee6c 100644
--- a/typo3/sysext/core/Classes/Service/AbstractService.php
+++ b/typo3/sysext/core/Classes/Service/AbstractService.php
@@ -17,6 +17,7 @@ namespace TYPO3\CMS\Core\Service;
 
 use Psr\Log\LoggerAwareInterface;
 use Psr\Log\LoggerAwareTrait;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\TimeTracker\TimeTracker;
 use TYPO3\CMS\Core\Utility\CommandUtility;
 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
@@ -27,6 +28,7 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  */
 abstract class AbstractService implements LoggerAwareInterface
 {
+    use BlockSerializationTrait;
     use LoggerAwareTrait;
 
     // General error - something went wrong
diff --git a/typo3/sysext/extbase/Classes/Reflection/ReflectionService.php b/typo3/sysext/extbase/Classes/Reflection/ReflectionService.php
index 033cd5aa7d2aa1937fa2887aae4157c2786ea773..2117d096d22b997d2899b8ddf84db3bd682e24c4 100644
--- a/typo3/sysext/extbase/Classes/Reflection/ReflectionService.php
+++ b/typo3/sysext/extbase/Classes/Reflection/ReflectionService.php
@@ -18,6 +18,7 @@ namespace TYPO3\CMS\Extbase\Reflection;
 use TYPO3\CMS\Core\Cache\CacheManager;
 use TYPO3\CMS\Core\Core\Environment;
 use TYPO3\CMS\Core\Information\Typo3Version;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\SingletonInterface;
 use TYPO3\CMS\Extbase\Reflection\Exception\UnknownClassException;
 
@@ -27,6 +28,8 @@ use TYPO3\CMS\Extbase\Reflection\Exception\UnknownClassException;
  */
 class ReflectionService implements SingletonInterface
 {
+    use BlockSerializationTrait;
+
     /**
      * @var string
      */
diff --git a/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php b/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php
index 5792d0f00be076665cccd974aef05b70d98ad57f..cd5396be858513340211910d54b00464edbdf39d 100644
--- a/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php
+++ b/typo3/sysext/extensionmanager/Classes/Controller/UploadExtensionFileController.php
@@ -18,6 +18,7 @@ namespace TYPO3\CMS\Extensionmanager\Controller;
 use TYPO3\CMS\Core\Configuration\ExtensionConfiguration;
 use TYPO3\CMS\Core\Core\Environment;
 use TYPO3\CMS\Core\Messaging\FlashMessage;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Extbase\Mvc\Exception\StopActionException;
 use TYPO3\CMS\Extensionmanager\Domain\Repository\ExtensionRepository;
@@ -34,6 +35,8 @@ use TYPO3\CMS\Extensionmanager\Utility\FileHandlingUtility;
  */
 class UploadExtensionFileController extends AbstractController
 {
+    use BlockSerializationTrait;
+
     /**
      * @var ExtensionRepository
      */
diff --git a/typo3/sysext/install/Classes/Service/Session/FileSessionHandler.php b/typo3/sysext/install/Classes/Service/Session/FileSessionHandler.php
index 70ef12f3c5c7897ff31b74db35188da04a60302f..3e42c916605c3c9e6170a925353478ad0400897c 100644
--- a/typo3/sysext/install/Classes/Service/Session/FileSessionHandler.php
+++ b/typo3/sysext/install/Classes/Service/Session/FileSessionHandler.php
@@ -17,6 +17,7 @@ declare(strict_types=1);
 
 namespace TYPO3\CMS\Install\Service\Session;
 
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Install\Service\Exception;
 
@@ -26,6 +27,8 @@ use TYPO3\CMS\Install\Service\Exception;
  */
 class FileSessionHandler implements \SessionHandlerInterface
 {
+    use BlockSerializationTrait;
+
     /**
      * The path to our var/session/ folder (where we can write our sessions). Set in the
      * constructor.
diff --git a/typo3/sysext/install/Classes/Service/SessionService.php b/typo3/sysext/install/Classes/Service/SessionService.php
index fe6768e8a703b59b0e20db42dd5b1ccb7af592bb..bd38e0fda3eb54fa7d975dc3f0f493a3222b9668 100644
--- a/typo3/sysext/install/Classes/Service/SessionService.php
+++ b/typo3/sysext/install/Classes/Service/SessionService.php
@@ -19,6 +19,7 @@ use Symfony\Component\HttpFoundation\Cookie;
 use TYPO3\CMS\Core\Core\Environment;
 use TYPO3\CMS\Core\Http\CookieHeaderTrait;
 use TYPO3\CMS\Core\Messaging\FlashMessage;
+use TYPO3\CMS\Core\Security\BlockSerializationTrait;
 use TYPO3\CMS\Core\SingletonInterface;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Install\Exception;
@@ -30,6 +31,7 @@ use TYPO3\CMS\Install\Service\Session\FileSessionHandler;
  */
 class SessionService implements SingletonInterface
 {
+    use BlockSerializationTrait;
     use CookieHeaderTrait;
 
     /**