CWE-911: Improper Update of Reference Count
ID
CWE-911
Abstraction
Base
Structure
Simple
Status
Incomplete
Number of CVEs
9
The product uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.
Reference counts can be used when tracking how many objects contain a reference to a particular resource, such as in memory management or garbage collection. When the reference count reaches zero, the resource can be de-allocated or reused because there are no more objects that use it. If the reference count accidentally reaches zero, then the resource might be released too soon, even though it is still in use. If all objects no longer use the resource, but the reference count is not zero, then the resource might not ever be released.
Modes of Introduction
Phase | Note |
---|---|
Implementation |
Applicable Platforms
Type | Class | Name | Prevalence |
---|---|---|---|
Language | C | ||
Language | C++ | ||
Language | Not Language-Specific |
Relationships
View | Weakness | |||||||
---|---|---|---|---|---|---|---|---|
# ID | View | Status | # ID | Name | Abstraction | Structure | Status | |
CWE-1000 | Research Concepts | Draft | CWE-664 | Improper Control of a Resource Through its Lifetime | Pillar | Simple | Draft | |
CWE-1000 | Research Concepts | Draft | CWE-672 | Operation on a Resource after Expiration or Release | Class | Simple | Draft | |
CWE-1000 | Research Concepts | Draft | CWE-772 | Missing Release of Resource after Effective Lifetime | Base | Simple | Draft |
CVEs Published
CVSS Severity
CVSS Severity - By Year
CVSS Base Score
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |
Loading...