Premature Release of Resource During Expected Lifetime

The product releases a resource that is still intended to be used by itself or another actor.


Description

This weakness focuses on errors in which the product should not release a resource, but performs the release anyway. This is different than a weakness in which the product releases a resource at the appropriate time, but it maintains a reference to the resource, which it later accesses. For this weakness, the resource should still be valid upon the subsequent access.

When a product releases a resource that is still being used, it is possible that operations will still be taken on this resource, which may have been repurposed in the meantime, leading to issues similar to CWE-825. Consequences may include denial of service, information exposure, or code execution.

See Also

Comprehensive Categorization: Resource Control

Weaknesses in this category are related to resource control.

Business Logic Errors

Weaknesses in this category identify some of the underlying problems that commonly allow attackers to manipulate the business logic of an application. Errors in busine...

Resource Management Errors

Weaknesses in this category are related to improper management of system resources.

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Weakness Base Elements

This view (slice) displays only weakness base elements.


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.