CWE-772—Missing Release of Resource after Effective Lifetime
PUBLISHEDweakness recordHigh
released 2009-05-27 · last modified 2025-12-11
Metadata
- CWE ID:
- CWE-772
- 摘要:
- Base
- 结构:
- Simple
- 状态:
- Draft
- 发布日期:
- 2009-05-27
- 更新日期:
- 2025-12-11
名称
Missing Release of Resource after Effective Lifetime
描述
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
常见后果
- 范围:
- Availability
- 影响:
- DoS: Resource Consumption (Other), DoS: Resource Consumption (Memory), DoS: Resource Consumption (CPU)
- 注释:
- An attacker that can influence the allocation of resources that are not properly released could deplete the available resource pool and prevent all other processes from accessing the same type of resource. Frequently-affected resources include memory, CPU, disk space, power or battery, etc.