logo

CWE-789 - Memory Allocation with Excessive Size Value

CWE-789

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Memory Allocation with Excessive Size Value

Description

The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

Common Consequences

Scope: Availability

Impact: DoS: Resource Consumption (Memory)

Notes: Not controlling memory allocation can result in a request for too much system memory, possibly leading to a crash of the application due to out-of-memory conditions, or the consumption of a large amount of memory on the system.

Related Weaknesses
  • Release Date:
  • 2009-10-29
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website