BaseDraft
CWE-226Sensitive Information in Resource Not Removed Before Reuse
Category: data-exposure
Description
The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or "zeroize" the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities.
Common consequences· 1
- Confidentiality — Read Application Data
Potential mitigations· 2
- [Architecture and Design, Implementation]During critical state transitions, information not needed in the next state should be removed or overwritten with fixed patterns (such as all 0's) or random data, before the transition to the next state.
- [Architecture and Design, Implementation]When releasing, de-allocating, or deleting a resource, overwrite its data and relevant metadata with fixed patterns or random data. Be cautious about complex resource types whose underlying representation might be non-contiguous or change at a low level, such as how a file might be split into different chunks on a file system, even though "logical" file positions are contiguous at the application layer. Such resource types might require invocation of special modes or APIs to tell the underlying operating system to perform the necessary clearing, such as SDelete (Secure Delete) on Windows, although the appropriate functionality might not be available at the application layer.
Related CAPEC attack patterns· 1
References
Exploits (incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Retrieve Embedded Sensitive Datacapec-37 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.