CWE-672Operation on a Resource after Expiration or Release

PUBLISHEDweakness record
released 2008-04-11 · last modified 2025-12-11

Metadata

CWE ID:
CWE-672
摘要:
Class
结构:
Simple
状态:
Draft
发布日期:
2008-04-11
更新日期:
2025-12-11

名称

Operation on a Resource after Expiration or Release

描述

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

常见后果

范围:
Integrity, Confidentiality
影响:
Modify Application Data, Read Application Data
注释:
If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.
范围:
Other, Availability
影响:
Other, DoS: Crash, Exit, or Restart
注释:
When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.

相关 CWE