SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CWE

Improper Control of a Resource Through its Lifetime

ID: 664		Date: (C)2012-05-14 (M)2022-10-10
Type: weakness		Status: DRAFT
Abstraction Type: Class

Description

The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

Extended Description

Resources often have explicit instructions on how to be created, used and destroyed. When software does not follow these instructions, it can lead to unexpected behaviors and potentially exploitable states.

Even without explicit instructions, various principles are expected to be adhered to, such as "Do not use an object until after its creation is complete," or "do not use an object after it has been slated for destruction."

Applicable Platforms
None

Time Of Introduction

Implementation

Related Attack Patterns

Common Consequences

Scope	Technical Impact	Notes
Other	Other

Detection Methods
None

Potential Mitigations

Phase	Strategy	Description	Effectiveness	Notes
Testing		Use Static analysis tools to check for unreleased resources.

Relationships

Related CWE	Type	View	Chain
CWE-664 ChildOf CWE-892	Category	CWE-888

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings
None

References:
None


30389



423868



247085



909



194218



282