CWE-910: Use of Expired File Descriptor
Also known as: Stale file descriptor
The product uses or accesses a file descriptor after it has been closed.
Last updated
Overview
After a file descriptor for a particular file or device has been released, it can be reused. The code might not write to the original file, since the reused file descriptor might reference a different file or device.
Real-world CVEs
2 recorded CVEs are caused by CWE-910 (Use of Expired File Descriptor). The highest-severity and most recent are shown first. 1 new CWE-910 CVE has been recorded so far in 2026.
Common consequences
What can happen when CWE-910 is exploited.
Read Files or Directories
Affects: Confidentiality
The program could read data from the wrong file.
DoS: Crash, Exit, or Restart
Affects: Availability
Accessing a file descriptor that has been closed can cause a crash.