Tag Archives: Improper Handling of Exceptional Conditions

CWE-755 – Improper Handling of Exceptional Conditions

Read Time:31 Second

Description

The software does not handle or incorrectly handles an exceptional condition.

Modes of Introduction:

– Implementation

Likelihood of Exploit: Medium

 

Related Weaknesses

CWE-703

 

Consequences

Other: Other

 

Potential Mitigations

CVE References

 

  • CVE-2021-3011
    • virtual interrupt controller in a virtualization product allows crash of host by writing a certain invalid value to a register, which triggers a fatal error instead of returning an error code
  • CVE-2008-4302
    • Chain: OS kernel does not properly handle a failure of a function call (CWE-755), leading to an unlock of a resource that was not locked (CWE-832), with resultant crash.