Variant · Incomplete

CWE-774: Allocation of File Descriptors or Handles Without Limits or Throttling

Category: other

Description

The product allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor. This can cause the product to consume all available file descriptors or handles, which can prevent other processes from performing critical file processing operations.

Common consequences

  • Availability — DoS: Resource Consumption (Other)
    When allocating resources without limits, an attacker could prevent all other processes from accessing the same type of resource.
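
The restriction whose absence the description names, as an added example (not part of the CWE entry or of MITRE's material): a broker that opens descriptors on behalf of actors and checks a per-actor and a global cap before each allocation. The class and function names, the limits, and the use of `os.devnull` as the opened file are assumptions made for the illustration.

```python
import os
from collections import defaultdict


class QuotaExceeded(Exception):
    """Raised when a request would exceed a descriptor cap."""


class DescriptorBroker:
    """Opens files on behalf of actors under per-actor and global caps."""

    def __init__(self, per_actor_limit, global_limit):
        self.per_actor_limit = per_actor_limit
        self.global_limit = global_limit
        self._held = defaultdict(set)  # actor id -> descriptors it holds

    def total_open(self):
        return sum(len(fds) for fds in self._held.values())

    def open_for(self, actor, path):
        # Check both caps BEFORE allocating, so a refused request costs nothing.
        if len(self._held[actor]) >= self.per_actor_limit:
            raise QuotaExceeded(f"{actor}: per-actor limit reached")
        if self.total_open() >= self.global_limit:
            raise QuotaExceeded("global limit reached")
        fd = os.open(path, os.O_RDONLY)
        self._held[actor].add(fd)
        return fd

    def release_all(self, actor):
        # Called when the actor disconnects, so its quota is returned.
        for fd in self._held.pop(actor, set()):
            os.close(fd)


def demo():
    """One actor requests 100 descriptors; a second actor must still be served."""
    broker = DescriptorBroker(per_actor_limit=4, global_limit=6)
    granted = denied = 0
    for _ in range(100):  # constructed workload: a single greedy actor
        try:
            broker.open_for("greedy", os.devnull)
            granted += 1
        except QuotaExceeded:
            denied += 1
    other_served = broker.open_for("other", os.devnull) >= 0
    broker.release_all("greedy")
    broker.release_all("other")
    return granted, denied, other_served


if __name__ == "__main__":
    print(demo())
```

Keeping the global cap below the process's own descriptor limit (`ulimit -n` on POSIX systems) leaves headroom for the product's own files and sockets.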

Potential mitigations

  • [Operation, Architecture and Design]

References

  1. https://cwe.mitre.org/data/definitions/774.html

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Missing Reference to Active File Descriptor or Handle
  • CWE: Missing Release of File Descriptor or Handle after Effective Lifetime
  • CWE: Use of Expired File Descriptor
  • CWE: Improper Resource Locking
  • CWE: Improperly Controlled Sequential Memory Allocation
  • CWE: Improper Locking

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.