Tag Archives: CWE- 910

CWE-910 – Use of Expired File Descriptor

Read Time:31 Second

Description

The software uses or accesses a file descriptor after it has been closed.

After a file descriptor for a particular file or device has been released, it can be reused. The code might not write to the original file, since the reused file descriptor might reference a different file or device.

Modes of Introduction:

– Implementation

Likelihood of Exploit: Medium

 

Related Weaknesses

CWE-672

 

Consequences

Confidentiality: Read Files or Directories

The program could read data from the wrong file.

Availability: DoS: Crash, Exit, or Restart

Accessing a file descriptor that has been closed can cause a crash.

 

Potential Mitigations

CVE References