The product uses or accesses a file descriptor after it has been closed.
View on MITREAfter a file descriptor for a particular file or device has been released, it can be reused. The code might not write to the original file, since the reused file descriptor might reference a different file or device.
The program could read data from the wrong file.
Accessing a file descriptor that has been closed can cause a crash.
No mitigation information available for this CWE.
No detection method information available for this CWE.
No examples or observed CVEs available for this CWE.
CWE-910: Use of Expired File Descriptor is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product uses or accesses a file descriptor after it has been closed. After a file descriptor for a particular file or device has been released, it can be reused. The code might not write to the original file, since the reused file descriptor might reference a different file or device.
If exploited, CWE-910 (Use of Expired File Descriptor) it can compromise Confidentiality and Availability, leading to outcomes such as Read Files or Directories and DoS: Crash, Exit, or Restart.
CWE-910 commonly affects C, C++ and Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
A CWE (Common Weakness Enumeration) like CWE-910 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.