CWE-774 - Allocation of File Descriptors or Handles Without Limits or Throttling

CWE-774 Low

Abstraction:
Variant

Structure:
Simple

Status:
Incomplete

Weakness Name: Allocation of File Descriptors or Handles Without Limits or Throttling

Description: The product allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor.
This can cause the product to consume all available file descriptors or handles, which can prevent other processes from performing critical file processing operations.

Common Consequences: Scope: Availability
Impact: DoS: Resource Consumption (Other)
Notes: When allocating resources without limits, an attacker could prevent all other processes from accessing the same type of resource.

Related Weaknesses: CWE-770Allocation of Resources Without Limits or ThrottlingHigh

Release Date:
2009-05-27

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard