Base weakness

Draft

CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')

Also known as: File descriptor leak

A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

When a new process is forked or executed, the child process inherits any open file descriptors. When the child process has fewer privileges than the parent process, this might introduce a vulnerability if the child process can access the file descriptor but does not have the privileges to access the associated file.

CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to detect it

Automated Static Analysis

Illustrative examples

Terminology & mappings

Alternate terms

Mapped taxonomies

Frequently asked questions

What is CWE-403?

What CVEs are caused by CWE-403?

How is CWE-403 detected?

What are the consequences of CWE-403?

Is CWE-403 actively exploited?

References

Stay ahead of CWE-403

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to detect it

Automated Static Analysis

Illustrative examples

Related weaknesses

Parent

Terminology & mappings

Alternate terms

Mapped taxonomies

Frequently asked questions

What is CWE-403?

What CVEs are caused by CWE-403?

How is CWE-403 detected?

What are the consequences of CWE-403?

Is CWE-403 actively exploited?

References

Stay ahead of CWE-403