CWE-826
Premature Release of Resource During Expected Lifetime
Description
The product releases a resource that is still intended to be used by itself or another actor.
{"xhtml:p":["This weakness focuses on errors in which the product should not release a resource, but performs the release anyway. This is different than a weakness in which the product releases a resource at the appropriate time, but it maintains a reference to the resource, which it later accesses. For this weakness, the resource should still be valid upon the subsequent access.","When a product releases a resource that is still being used, it is possible that operations will still be taken on this resource, which may have been repurposed in the meantime, leading to issues similar to CWE-825. Consequences may include denial of service, information exposure, or code execution."]}
Parent Weaknesses (ChildOf)
Related Weaknesses
Common Consequences
Scope
Impact
Read Application Data, Read Memory
Scope
Impact
DoS: Crash, Exit, or Restart
Scope
Impact
Execute Unauthorized Code or Commands, Modify Application Data, Modify Memory
CVE-2009-3547Chain: race condition (CWE-362) might allow resource to be released before operating on it, leading to NULL dereference (CWE-476)
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now