Description
The product uses or accesses a file descriptor after it has been closed.
After a file descriptor for a particular file or device has been released, it can be reused. The code might not write to the original file, since the reused file descriptor might reference a different file or device.
Potential Impact
Confidentiality
Read Files or Directories
Availability
DoS: Crash, Exit, or Restart
Detection Methods
- Automated Static Analysis High — Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then sea
Related Weaknesses
Taxonomy Mappings
- CERT C Secure Coding: FIO46-C — Do not access a closed file
Frequently Asked Questions
What is CWE-910?
CWE-910 (Use of Expired File Descriptor) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The product uses or accesses a file descriptor after it has been closed.
How can CWE-910 be exploited?
Attackers can exploit CWE-910 (Use of Expired File Descriptor) to read files or directories. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-910?
Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.
What is the severity of CWE-910?
CWE-910 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.