CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
CWE Version: 4.18
Last Updated: 2025-09-09
Weakness Description
A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.
Extended Description
When a new process is forked or executed, the child process inherits any open file descriptors. When the child process has fewer privileges than the parent process, this might introduce a vulnerability if the child process can access the file descriptor but does not have the privileges to access the associated file.
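The inheritance described above, as an added example that is not part of the CWE entry: the same file is opened with and without `O_CLOEXEC`, and a child started with `fork()` and `execl()` tries to read from the descriptor. The function name `child_inherits_fd`, the temporary file, and the use of `/bin/sh` with `cat` as the stand-in child are assumptions made for the demonstration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if the exec'd child could read the parent's descriptor,
 * 0 if the descriptor was closed at exec, -1 on setup error.
 * The temp file is constructed sample data standing in for a sensitive file. */
int child_inherits_fd(int use_cloexec)
{
    char path[] = "/tmp/cwe403-demo-XXXXXX";
    int tmp = mkstemp(path);
    if (tmp < 0) return -1;
    if (write(tmp, "secret\n", 7) != 7) { close(tmp); unlink(path); return -1; }
    close(tmp);

    /* The only difference between the two cases is the O_CLOEXEC flag. */
    int fd = open(path, O_RDONLY | (use_cloexec ? O_CLOEXEC : 0));
    unlink(path);                    /* the child cannot reopen the file by name */
    if (fd < 0 || fd > 9) { if (fd >= 0) close(fd); return -1; } /* sh guarantees fds 0-9 only */

    char cmd[64];                    /* child command: read from the inherited fd number */
    snprintf(cmd, sizeof cmd, "cat <&%d >/dev/null 2>&1", fd);

    pid_t pid = fork();
    if (pid < 0) { close(fd); return -1; }
    if (pid == 0) {                  /* child: descriptors without FD_CLOEXEC survive exec */
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) { close(fd); return -1; }
    close(fd);
    /* The shell exits 0 only if the redirection from the inherited fd worked. */
    return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void)
{
    printf("plain open():   child can read = %d\n", child_inherits_fd(0));
    printf("with O_CLOEXEC: child can read = %d\n", child_inherits_fd(1));
    return 0;
}
```

Setting the flag at `open()` time rather than later with `fcntl(fd, F_SETFD, FD_CLOEXEC)` avoids a window in which another thread can fork and exec while the descriptor is still inheritable.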
Common Consequences
Scope: Confidentiality, Integrity
Technical Impact: Read Application Data, Modify Application Data
Observed Examples
Reference: CVE-2003-0740
Server leaks a privileged file descriptor, allowing the server to be hijacked.
Reference: CVE-2004-1033
File descriptor leak allows read of restricted files.
Reference: CVE-2000-0094
Access to restricted resource using modified file descriptor for stderr.
Reference: CVE-2002-0638
Open file descriptor used as alternate channel in complex race condition.
Reference: CVE-2003-0489
Program does not fully drop privileges after creating a file descriptor, which allows access to the descriptor via a separate vulnerability.
Reference: CVE-2003-0937
User bypasses restrictions by obtaining a file descriptor then calling setuid program, which does not close the descriptor.
Reference: CVE-2004-2215
Terminal manager does not properly close file descriptors, allowing attackers to access terminals of other users.
Reference: CVE-2006-5397
Module opens a file for reading twice, allowing attackers to read files.
Modes of Introduction
| Phase | Note |
|---|---|
| Implementation | REALIZATION: This weakness is caused during implementation of an architectural security tactic. |
Applicable Platforms
Programming Languages
Operating Systems
Taxonomy Mappings
| Taxonomy Name | Entry ID | Entry Name | Mapping Fit |
|---|---|---|---|
| PLOVER | - | UNIX file descriptor leak | - |
| CERT C Secure Coding | FIO42-C | Ensure files are properly closed when they are no longer needed | - |
| Software Fault Patterns | SFP23 | Exposed Data | - |