BaseIncomplete

CWE-771Missing Reference to Active Allocated Resource

Category: logic

Description

The product does not properly maintain a reference to a resource that has been allocated, which prevents the resource from being reclaimed. This does not necessarily apply in languages or frameworks that automatically perform garbage collection, since the removal of all references may act as a signal that the resource is ready to be reclaimed.

Common consequences· 1

  • Availability — DoS: Resource Consumption (Other)
    An attacker that can influence the allocation of resources that are not properly maintained could deplete the available resource pool and prevent all other processes from accessing the same type of resource.

Potential mitigations· 1

  • [Operation, Architecture and Design]

References

  1. https://cwe.mitre.org/data/definitions/771.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Missing Release of Resource after Effective Lifetime
CWE
Improper Resource Shutdown or Release
CWE
Missing Release of Memory after Effective Lifetime
CWE
Improper Update of Reference Count
CWE
Incomplete Cleanup
CWE
Improper Control of a Resource Through its Lifetime
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.