CWE-672 Detail

CWE-672

Operation on a Resource after Expiration or Release
Draft
2008-04-11
00h00 +00:00
2023-10-26
00h00 +00:00
Notifications for a CWE
Stay informed of any changes for a specific CWE.
Notifications manage

Name: Operation on a Resource after Expiration or Release

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

General Informations

Modes Of Introduction

Implementation
Operation

Applicable Platforms

Language

Class: Not Language-Specific (Undetermined)

Technologies

Class: Mobile (Undetermined)

Common Consequences

Scope Impact Likelihood
Integrity
Confidentiality
Modify Application Data, Read Application Data

Note: If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.
Other
Availability
Other, DoS: Crash, Exit, or Restart

Note: When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.

Observed Examples

References Description

CVE-2009-3547

Chain: race condition (CWE-362) might allow resource to be released before operating on it, leading to NULL dereference (CWE-476)

Vulnerability Mapping Notes

Justification : This CWE entry is a Class and might have Base-level children that would be more appropriate
Comment : Examine children of this entry to see if there is a better fit

References

REF-962

Automated Source Code Security Measure (ASCSM)
Object Management Group (OMG).
http://www.omg.org/spec/ASCSM/1.0/

Submission

Name Organization Date Date release Version
CWE Content Team MITRE 2008-04-11 +00:00 2008-04-11 +00:00 Draft 9

Modifications

Name Organization Date Comment
Eric Dalci Cigital 2008-07-01 +00:00 updated Time_of_Introduction
CWE Content Team MITRE 2008-09-08 +00:00 updated Relationships
CWE Content Team MITRE 2010-02-16 +00:00 updated Demonstrative_Examples, Description, Name, Relationships
CWE Content Team MITRE 2010-09-27 +00:00 updated Observed_Examples, Relationships
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences
CWE Content Team MITRE 2012-05-11 +00:00 updated Common_Consequences, Demonstrative_Examples, Relationships
CWE Content Team MITRE 2013-02-21 +00:00 updated Relationships
CWE Content Team MITRE 2014-02-18 +00:00 updated Applicable_Platforms
CWE Content Team MITRE 2014-07-30 +00:00 updated Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2017-11-08 +00:00 updated Demonstrative_Examples, Taxonomy_Mappings
CWE Content Team MITRE 2019-01-03 +00:00 updated References, Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2019-06-20 +00:00 updated Relationships, Type
CWE Content Team MITRE 2020-02-24 +00:00 updated Applicable_Platforms, Relationships
CWE Content Team MITRE 2020-08-20 +00:00 updated Relationships
CWE Content Team MITRE 2020-12-10 +00:00 updated Relationships
CWE Content Team MITRE 2021-10-28 +00:00 updated Relationships
CWE Content Team MITRE 2023-01-31 +00:00 updated Description
CWE Content Team MITRE 2023-04-27 +00:00 updated Relationships, Time_of_Introduction
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2023-10-26 +00:00 updated Observed_Examples