CWE-440
Benachrichtigungen für ein CWE
Bleiben Sie über alle Änderungen zu einem bestimmten CWE informiert.
Name: Expected Behavior Violation
A feature, API, or function does not perform according to its specification.
Allgemeine Informationen
Einführungsmodi
Architecture and DesignImplementation
Operation
Anwendbare Plattformen
Sprache
Class: Not Language-Specific (Undetermined)Technologien
Class: ICS/OT (Undetermined)Häufige Konsequenzen
| Bereich | Auswirkung | Wahrscheinlichkeit |
|---|---|---|
| Other | Quality Degradation, Varies by Context |
Beobachtete Beispiele
| Referenzen | Beschreibung |
|---|---|
CVE-2003-0187 | Program uses large timeouts on unconfirmed connections resulting from inconsistency in linked lists implementations. |
CVE-2003-0465 | "strncpy" in Linux kernel acts different than libc on x86, leading to expected behavior difference - sort of a multiple interpretation error? |
CVE-2005-3265 | Buffer overflow in product stems the use of a third party library function that is expected to have internal protection against overflows, but doesn't. |
Hinweise zur Schwachstellen-Zuordnung
Begründung : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Kommentar : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Hinweise
The behavior of an application that is not consistent with the expectations of the developer may lead to incorrect use of the software.Referenzen
REF-1384
The RISC-V Instruction Set Manual Volume II: Privileged Architecture page 28https://riscv.org/wp-content/uploads/2017/05/riscv-privileged-v1.10.pdf
REF-1385
csr_regfile.svhttps://github.com/HACK-EVENT/hackatdac21/blob/b9ecdf6068445d76d6bee692d163fededf7a9d9b/piton/design/chip/tile/ariane/src/csr_regfile.sv
REF-1386
Fix for csr_regfile.svhttps://github.com/HACK-EVENT/hackatdac21/blob/2341c625a28d2fb87d370e32c45b68bd711cc43b/piton/design/chip/tile/ariane/src/csr_regfile.sv#L519C4-L522C20
Einreichung
| Name | Organisation | Datum | Veröffentlichungsdatum | Version |
|---|---|---|---|---|
| PLOVER | Draft 3 |
Änderungen
| Name | Organisation | Datum | Kommentar |
|---|---|---|---|
| Eric Dalci | Cigital | updated Time_of_Introduction | |
| CWE Content Team | MITRE | updated Relationships, Other_Notes, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Other_Notes, Relevant_Properties, Theoretical_Notes | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Relevant_Properties | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description, Observed_Examples, Theoretical_Notes | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Observed_Examples | |
| CWE Content Team | MITRE | updated Demonstrative_Examples, References | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Weakness_Ordinalities |
