CWE-763βRelease of Invalid Pointer or Reference
PUBLISHEDweakness record
released 2009-05-27 Β· last modified 2026-04-30
Metadata
- CWE ID:
- CWE-763
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Release Date:
- 2009-05-27
- Latest Modification Date:
- 2026-04-30
Weakness Name
Release of Invalid Pointer or Reference
Description
The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.
This weakness can take several forms, such as:
Common Consequences
- Scope:
- Integrity, Availability, Confidentiality
- Impact:
- Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands
- Notes:
- This weakness may result in the corruption of memory, and perhaps instructions, possibly leading to a crash. If the corrupted memory can be effectively controlled, it may be possible to execute arbitrary code.