CWE-1246
Improper Write Handling in Limited-write Non-Volatile Memories
Description
The product does not implement or incorrectly implements wear leveling operations in limited-write non-volatile memories.
{"xhtml:p":["Non-volatile memories such as NAND Flash, EEPROM, etc. have individually erasable segments, each of which can be put through a limited number of program/erase or write cycles. For example, the device can only endure a limited number of writes, after which the device becomes unreliable. In order to wear out the cells in a uniform manner, non-volatile memory and storage products based on the above-mentioned technologies implement a technique called wear leveling. Once a set threshold is reached, wear leveling maps writes of a logical block to a different physical block. This prevents a single physical block from prematurely failing due to a high concentration of writes."]}
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
DoS: Instability
Potential Mitigations
Include secure wear leveling algorithms and ensure they may not be bypassed.
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now