English
Français
Light
Dark
System

CVEFind - Alertes CVE

Restez informé en continue
Créer un compte Ouvrez un compte Simple et Gratuit Se connecter Gérez vos alertes

CWE-440 Detail

CWE-440

Expected Behavior Violation
Draft
2006-07-19 00:00 +00:00
2024-02-29 00:00 +00:00
CWE Mitre.org

Alerte pour un CWE

Restez informé de toutes modifications pour un CWE spécifique.
Gestion des alertes

Expected Behavior Violation

A feature, API, or function does not perform according to its specification.

Informations

Modes Of Introduction

Architecture and Design
Implementation
Operation

Applicable Platforms

Language

Class: Not Language-Specific (Undetermined)

Technologies

Class: ICS/OT (Undetermined)

Common Consequences

Scope Impact Likelihood
OtherQuality Degradation, Varies by Context

Observed Examples

Reference Description
CVE-2003-0187Program uses large timeouts on unconfirmed connections resulting from inconsistency in linked lists implementations.
CVE-2003-0465"strncpy" in Linux kernel acts different than libc on x86, leading to expected behavior difference - sort of a multiple interpretation error?
CVE-2005-3265Buffer overflow in product stems the use of a third party library function that is expected to have internal protection against overflows, but doesn't.

Vulnerability Mapping Notes

Rationale : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comments : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Notes

The behavior of an application that is not consistent with the expectations of the developer may lead to incorrect use of the software.

References

REF-1384

The RISC-V Instruction Set Manual Volume II: Privileged Architecture page 28
https://riscv.org/wp-content/uploads/2017/05/riscv-privileged-v1.10.pdf

REF-1385

csr_regfile.sv
https://github.com/HACK-EVENT/hackatdac21/blob/b9ecdf6068445d76d6bee692d163fededf7a9d9b/piton/design/chip/tile/ariane/src/csr_regfile.sv

REF-1386

Fix for csr_regfile.sv
https://github.com/HACK-EVENT/hackatdac21/blob/2341c625a28d2fb87d370e32c45b68bd711cc43b/piton/design/chip/tile/ariane/src/csr_regfile.sv#L519C4-L522C20

Submission

Name Organization Date Date Release Version
PLOVER 2006-07-19 +00:00 2006-07-19 +00:00 Draft 3

Modifications

Name Organization Date Comment
Eric Dalci Cigital 2008-07-01 +00:00 updated Time_of_Introduction
CWE Content Team MITRE 2008-09-08 +00:00 updated Relationships, Other_Notes, Taxonomy_Mappings
CWE Content Team MITRE 2009-10-29 +00:00 updated Other_Notes, Relevant_Properties, Theoretical_Notes
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences
CWE Content Team MITRE 2011-06-27 +00:00 updated Common_Consequences
CWE Content Team MITRE 2012-05-11 +00:00 updated Relationships
CWE Content Team MITRE 2014-07-30 +00:00 updated Relationships
CWE Content Team MITRE 2017-11-08 +00:00 updated Applicable_Platforms, Relevant_Properties
CWE Content Team MITRE 2020-02-24 +00:00 updated Relationships
CWE Content Team MITRE 2020-08-20 +00:00 updated Description, Observed_Examples, Theoretical_Notes
CWE Content Team MITRE 2023-01-31 +00:00 updated Applicable_Platforms, Relationships
CWE Content Team MITRE 2023-04-27 +00:00 updated Relationships
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2023-10-26 +00:00 updated Observed_Examples
CWE Content Team MITRE 2024-02-29 +00:00 updated Demonstrative_Examples, References

Plus d'informations
Cliquez sur le bouton à gauche (OFF), pour autoriser l'inscription de cookie améliorant les fonctionnalités du site. Cliquez sur le bouton à gauche (Tout accepter), pour ne plus autoriser l'inscription de cookie améliorant les fonctionnalités du site.