Read Time:37 Second

Description

The software does not properly maintain a reference to a resource that has been allocated, which prevents the resource from being reclaimed.

This does not necessarily apply in languages or frameworks that automatically perform garbage collection, since the removal of all references may act as a signal that the resource is ready to be reclaimed.

Modes of Introduction:

– Architecture and Design

Likelihood of Exploit: Medium

 

Related Weaknesses

CWE-400

 

Consequences

Availability: DoS: Resource Consumption (Other)

An attacker that can influence the allocation of resources that are not properly maintained could deplete the available resource pool and prevent all other processes from accessing the same type of resource.

 

Potential Mitigations

Phase: Operation, Architecture and Design

Effectiveness:

Description: 

CVE References