CWE-772
AllowedMissing Release of Resource after Effective Lifetime
Abstraction: Base · Status: Draft
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
567 vulnerabilities reference this CWE, most recent first.
GHSA-6828-FJ37-MVWR
Vulnerability from github – Published: 2026-06-25 09:31 – Updated: 2026-07-07 21:31In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb: restore reservation on error in hugetlb folio copy paths
Two sites in mm/hugetlb.c allocate a hugetlb folio via alloc_hugetlb_folio() (consuming a VMA reservation) and then call copy_user_large_folio(), which became int-returning in commit 1cb9dc4b475c ("mm: hwpoison: support recovery from HugePage copy-on-write faults") and can now fail (e.g. -EHWPOISON on a hwpoisoned source page). On the failure path, folio_put() restores the global hugetlb pool count through free_huge_folio(), but the per-VMA reservation map entry is left marked consumed:
- hugetlb_mfill_atomic_pte() resubmission path (UFFDIO_COPY)
- copy_hugetlb_page_range() fork-time CoW path when hugetlb_try_dup_anon_rmap() fails (rare: pinned hugetlb anon folio under fork)
User-visible effect: on UFFDIO_COPY into a private hugetlb VMA where the resubmission copy fails, the reservation for that address is leaked from the VMA's reserve map. A subsequent fault at the same address takes the no-reservation path, and under hugetlb pool pressure the task is SIGBUSed at an address it had previously reserved. The fork-time CoW path leaks the same way in the child VMA's reserve map, though it requires the much rarer combination of pinned hugetlb anon page + hwpoisoned source.
Add the missing restore_reserve_on_error() call before folio_put() on both error paths.
{
"affected": [],
"aliases": [
"CVE-2026-53154"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-25T09:16:32Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: restore reservation on error in hugetlb folio copy paths\n\nTwo sites in mm/hugetlb.c allocate a hugetlb folio via\nalloc_hugetlb_folio() (consuming a VMA reservation) and then call\ncopy_user_large_folio(), which became int-returning in commit 1cb9dc4b475c\n(\"mm: hwpoison: support recovery from HugePage copy-on-write faults\") and\ncan now fail (e.g. -EHWPOISON on a hwpoisoned source page). On the\nfailure path, folio_put() restores the global hugetlb pool count through\nfree_huge_folio(), but the per-VMA reservation map entry is left marked\nconsumed:\n\n - hugetlb_mfill_atomic_pte() resubmission path (UFFDIO_COPY)\n - copy_hugetlb_page_range() fork-time CoW path when\n hugetlb_try_dup_anon_rmap() fails (rare: pinned hugetlb anon\n folio under fork)\n\nUser-visible effect: on UFFDIO_COPY into a private hugetlb VMA where the\nresubmission copy fails, the reservation for that address is leaked from\nthe VMA\u0027s reserve map. A subsequent fault at the same address takes the\nno-reservation path, and under hugetlb pool pressure the task is SIGBUSed\nat an address it had previously reserved. The fork-time CoW path leaks\nthe same way in the child VMA\u0027s reserve map, though it requires the much\nrarer combination of pinned hugetlb anon page + hwpoisoned source.\n\nAdd the missing restore_reserve_on_error() call before folio_put() on both\nerror paths.",
"id": "GHSA-6828-fj37-mvwr",
"modified": "2026-07-07T21:31:30Z",
"published": "2026-06-25T09:31:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53154"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/40c81856e622a9dc59294a90d169ac07ea25b0b0"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/45e33d43243d71d089af42f5077b8213cee6610f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8d6e1dd3ad1340cd8b6d554b7aa93d8f0a1c6d38"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c72469ac0f274bde3f0df60a4584e14a123d0aa6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/e47bf16af3c45470ea32f2241fa69aefe0dd61bd"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-69CH-W2M2-3VJP
Vulnerability from github – Published: 2022-10-14 19:00 – Updated: 2025-05-16 02:08The BCP 47 tag parser has quadratic time complexity due to inherent aspects of its design. Since the parser is, by design, exposed to untrusted user input, this can be leveraged to force a program to consume significant time parsing Accept-Language headers. The parser cannot be easily rewritten to fix this behavior for various reasons. Instead the solution implemented in this CL is to limit the total complexity of tags passed into ParseAcceptLanguage by limiting the number of dashes in the string to 1000. This should be more than enough for the majority of real world use cases, where the number of tags being sent is likely to be in the single digits.
Specific Go Packages Affected
golang.org/x/text/language
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "golang.org/x/text"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.3.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-32149"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": true,
"github_reviewed_at": "2022-10-28T20:11:26Z",
"nvd_published_at": "2022-10-14T15:15:00Z",
"severity": "HIGH"
},
"details": "The BCP 47 tag parser has quadratic time complexity due to inherent aspects of its design. Since the parser is, by design, exposed to untrusted user input, this can be leveraged to force a program to consume significant time parsing Accept-Language headers. The parser cannot be easily rewritten to fix this behavior for various reasons. Instead the solution implemented in this CL is to limit the total complexity of tags passed into ParseAcceptLanguage by limiting the number of dashes in the string to 1000. This should be more than enough for the majority of real world use cases, where the number of tags being sent is likely to be in the single digits.\n\n### Specific Go Packages Affected\ngolang.org/x/text/language",
"id": "GHSA-69ch-w2m2-3vjp",
"modified": "2025-05-16T02:08:37Z",
"published": "2022-10-14T19:00:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149"
},
{
"type": "WEB",
"url": "https://github.com/golang/go/issues/56152"
},
{
"type": "WEB",
"url": "https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c"
},
{
"type": "PACKAGE",
"url": "https://github.com/golang/text"
},
{
"type": "WEB",
"url": "https://go.dev/cl/442235"
},
{
"type": "WEB",
"url": "https://go.dev/issue/56152"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2022-1059"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230203-0006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "golang.org/x/text/language Denial of service via crafted Accept-Language header"
}
GHSA-6CW3-WHJR-XWJW
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally.
{
"affected": [],
"aliases": [
"CVE-2017-15315"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-09T21:29:00Z",
"severity": "MODERATE"
},
"details": "Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally.",
"id": "GHSA-6cw3-whjr-xwjw",
"modified": "2022-05-13T01:43:43Z",
"published": "2022-05-13T01:43:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15315"
},
{
"type": "WEB",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-en"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6CWP-GHJG-988R
Vulnerability from github – Published: 2022-05-13 01:06 – Updated: 2022-05-13 01:06The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6703, and CVE-2015-6704.
{
"affected": [],
"aliases": [
"CVE-2015-6702"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-10-14T23:59:00Z",
"severity": "MODERATE"
},
"details": "The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6703, and CVE-2015-6704.",
"id": "GHSA-6cwp-ghjg-988r",
"modified": "2022-05-13T01:06:40Z",
"published": "2022-05-13T01:06:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6702"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1033796"
},
{
"type": "WEB",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-480"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6HVM-256W-H2QV
Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2024-04-04 02:45A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.
{
"affected": [],
"aliases": [
"CVE-2019-20052"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-27T22:15:00Z",
"severity": "MODERATE"
},
"details": "A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case.",
"id": "GHSA-6hvm-256w-h2qv",
"modified": "2024-04-04T02:45:48Z",
"published": "2022-05-24T17:05:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20052"
},
{
"type": "WEB",
"url": "https://github.com/tbeu/matio/issues/131"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J42-F94Q-5PQ7
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself is fully established. When this happens the session object never gets destroyed. Eventually Asterisk can run out of memory and crash.
{
"affected": [],
"aliases": [
"CVE-2017-16672"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-09T00:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself is fully established. When this happens the session object never gets destroyed. Eventually Asterisk can run out of memory and crash.",
"id": "GHSA-6j42-f94q-5pq7",
"modified": "2022-05-13T01:44:09Z",
"published": "2022-05-13T01:44:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16672"
},
{
"type": "WEB",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-27345"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201811-11"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-4076"
},
{
"type": "WEB",
"url": "http://downloads.digium.com/pub/security/AST-2017-011.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101765"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J8P-W9C7-3752
Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
{
"affected": [],
"aliases": [
"CVE-2018-17332"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-22T16:29:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.",
"id": "GHSA-6j8p-w9c7-3752",
"modified": "2022-05-13T01:50:33Z",
"published": "2022-05-13T01:50:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17332"
},
{
"type": "WEB",
"url": "https://github.com/agambier/libsvg2/issues/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JV9-X5W9-2CCM
Vulnerability from github – Published: 2026-06-11 13:26 – Updated: 2026-07-10 12:31Impact
The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state (depths field) but defines no channelInactive, handlerRemoved, or exceptionCaught method to release them when the pipeline tears down. Because the leaked buffers are slices of PooledByteBufAllocator chunks, they prevent those chunks from being returned to the JVM-wide direct-memory pool. Repeated connection churn by any network peer monotonically drains this shared pool, eventually causing allocation failures on all Netty channels in the process.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.2.14.Final"
},
"package": {
"ecosystem": "Maven",
"name": "io.netty:netty-codec-redis"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0.Final"
},
{
"fixed": "4.2.15.Final"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.1.134.Final"
},
"package": {
"ecosystem": "Maven",
"name": "io.netty:netty-codec-redis"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.135.Final"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-48006"
],
"database_specific": {
"cwe_ids": [
"CWE-401",
"CWE-772"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-11T13:26:06Z",
"nvd_published_at": "2026-06-12T16:16:30Z",
"severity": "HIGH"
},
"details": "### Impact\nThe RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state (`depths` field) but defines no `channelInactive`, `handlerRemoved`, or `exceptionCaught` method to release them when the pipeline tears down. Because the leaked buffers are slices of `PooledByteBufAllocator` chunks, they prevent those chunks from being returned to the JVM-wide direct-memory pool. Repeated connection churn by any network peer monotonically drains this shared pool, eventually causing allocation failures on all Netty channels in the process.",
"id": "GHSA-6jv9-x5w9-2ccm",
"modified": "2026-07-10T12:31:39Z",
"published": "2026-06-11T13:26:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6jv9-x5w9-2ccm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48006"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:37390"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-48006"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488433"
},
{
"type": "PACKAGE",
"url": "https://github.com/netty/netty"
},
{
"type": "WEB",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"type": "WEB",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48006.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Netty\u0027s Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator"
}
GHSA-6M36-3RF7-2WPF
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
{
"affected": [],
"aliases": [
"CVE-2017-11644"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-26T08:29:00Z",
"severity": "MODERATE"
},
"details": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.",
"id": "GHSA-6m36-3rf7-2wpf",
"modified": "2022-05-13T01:42:28Z",
"published": "2022-05-13T01:42:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11644"
},
{
"type": "WEB",
"url": "https://github.com/ImageMagick/ImageMagick/issues/587"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100014"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6PC5-JFVJ-857M
Vulnerability from github – Published: 2022-05-13 01:49 – Updated: 2022-05-13 01:49libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.
{
"affected": [],
"aliases": [
"CVE-2018-14073"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-15T18:29:00Z",
"severity": "HIGH"
},
"details": "libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.",
"id": "GHSA-6pc5-jfvj-857m",
"modified": "2022-05-13T01:49:54Z",
"published": "2022-05-13T01:49:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14073"
},
{
"type": "WEB",
"url": "https://github.com/saitoha/libsixel/issues/67#issuecomment-404989926"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-3
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, languages such as Java, Ruby, and Lisp perform automatic garbage collection that releases memory for objects that have been deallocated.
Mitigation
It is good practice to be responsible for freeing all resources you allocate and to be consistent with how and where you free resources in a function. If you allocate resources that you intend to free upon completion of the function, you must be sure to free the resources at all exit points for that function including error conditions.
Mitigation MIT-47
Strategy: Resource Limitation
- Use resource-limiting settings provided by the operating system or environment. For example, when managing system resources in POSIX, setrlimit() can be used to set limits for certain types of resources, and getrlimit() can determine how many resources are available. However, these functions are not available on all operating systems.
- When the current levels get close to the maximum that is defined for the application (see CWE-770), then limit the allocation of further resources to privileged users; alternately, begin releasing resources for less-privileged users. While this mitigation may protect the system from attack, it will not necessarily stop attackers from adversely impacting other users.
- Ensure that the application performs the appropriate error checks and error handling in case resources become unavailable (CWE-703).
CAPEC-469: HTTP DoS
An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.