Use of Expired File Descriptor

Status: Incomplete
Abstraction: Base
Structure: Simple
Description

This vulnerability occurs when a program attempts to use a file descriptor after it has been closed, treating it as if it were still valid.

Extended Description

When a file descriptor is closed, the operating system marks it as available for reuse. If your code later uses that same descriptor value—thinking it still points to the original file or socket—it will actually be interacting with a completely different, newly opened resource. This can lead to data corruption, security breaches, or application crashes as you read from or write to an unintended target. To prevent this, developers should immediately set file descriptor variables to an invalid state (like -1) after closing them and implement robust state checks before use. Relying on the descriptor value alone is unsafe because the system recycles these identifiers, breaking the assumed link between the descriptor number and your intended resource.
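The following C program is an added example, not part of the original entry. It shows a stale descriptor number being recycled, then the close-and-invalidate pattern described above. The function names are hypothetical, pipes stand in for the file or socket, and the demonstration relies on the POSIX rule that a new descriptor takes the lowest free number.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Mitigation from the text: close, then set the variable to -1. */
static int close_and_invalidate(int *fd) {
    if (*fd < 0) { errno = EBADF; return -1; }   /* also stops a double close */
    int rc = close(*fd);
    *fd = -1;
    return rc;
}

/* State check before use: refuse a handle that was invalidated. */
static ssize_t checked_write(int fd, const char *msg) {
    if (fd < 0) { errno = EBADF; return -1; }
    return write(fd, msg, strlen(msg));
}

/* Flawed pattern: a copy of the number is used after close().
 * Returns 1 if the bytes landed in the unrelated pipe. */
int stale_write_reaches_other_pipe(void) {
    int log_pipe[2], other_pipe[2], hit = 0;
    char buf[16] = {0};
    if (pipe(log_pipe) != 0 || pipe(other_pipe) != 0) return -1;
    int stale = log_pipe[1];          /* copy that outlives the close */
    close(log_pipe[1]);               /* number is now free for reuse */
    int fresh = dup(other_pipe[1]);   /* new resource gets the lowest free number */
    if (fresh == stale && write(stale, "log line\n", 9) == 9)
        hit = read(other_pipe[0], buf, sizeof buf - 1) == 9 &&
              strcmp(buf, "log line\n") == 0;
    if (fresh >= 0) close(fresh);
    close(log_pipe[0]); close(other_pipe[0]); close(other_pipe[1]);
    return hit;
}

/* Corrected pattern: the variable holds -1 after close, so the write fails. */
int invalidated_write_is_rejected(void) {
    int p[2];
    if (pipe(p) != 0) return -1;
    close_and_invalidate(&p[1]);
    ssize_t n = checked_write(p[1], "log line\n");
    int rejected = (p[1] == -1 && n == -1 && errno == EBADF);
    close(p[0]);
    return rejected;
}

int main(void) {
    printf("stale write reached other pipe: %d\n", stale_write_reaches_other_pipe());
    printf("invalidated write rejected: %d\n", invalidated_write_is_rejected());
    return 0;
}
```

Invalidation protects only the variable that is reset; any other copy of the number, like `stale` in the first function, remains a stale reference.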

Common Consequences
Scope: Confidentiality

Impact: Read Files or Directories

The program could read data from the wrong file.

Scope: Availability

Impact: DoS: Crash, Exit, or Restart

Accessing a file descriptor that has been closed can cause a crash.

Likelihood of Exploit

Medium

Applicable Platforms
Languages:
  • C: Sometimes
  • C++: Sometimes
  • Not Language-Specific: Undetermined
Modes of Introduction
Implementation
Alternate Terms

Stale file descriptor

Taxonomy Mapping
  • CERT C Secure Coding