CWE-440
Meldingen voor een CWE
Blijf op de hoogte van wijzigingen voor een specifieke CWE.
Naam: Expected Behavior Violation
A feature, API, or function does not perform according to its specification.
Algemene informatie
Introductiemodi
Architecture and DesignImplementation
Operation
Toepasselijke platforms
Taal
Class: Not Language-Specific (Undetermined)Technologieën
Class: ICS/OT (Undetermined)Veelvoorkomende gevolgen
| Bereik | Impact | Waarschijnlijkheid |
|---|---|---|
| Other | Quality Degradation, Varies by Context |
Waargenomen voorbeelden
| Referenties | Beschrijving |
|---|---|
CVE-2003-0187 | Program uses large timeouts on unconfirmed connections resulting from inconsistency in linked lists implementations. |
CVE-2003-0465 | "strncpy" in Linux kernel acts different than libc on x86, leading to expected behavior difference - sort of a multiple interpretation error? |
CVE-2005-3265 | Buffer overflow in product stems the use of a third party library function that is expected to have internal protection against overflows, but doesn't. |
Notities kwetsbaarheidsmapping
Rechtvaardiging : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Opmerking : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Notities
The behavior of an application that is not consistent with the expectations of the developer may lead to incorrect use of the software.Referenties
REF-1384
The RISC-V Instruction Set Manual Volume II: Privileged Architecture page 28https://riscv.org/wp-content/uploads/2017/05/riscv-privileged-v1.10.pdf
REF-1385
csr_regfile.svhttps://github.com/HACK-EVENT/hackatdac21/blob/b9ecdf6068445d76d6bee692d163fededf7a9d9b/piton/design/chip/tile/ariane/src/csr_regfile.sv
REF-1386
Fix for csr_regfile.svhttps://github.com/HACK-EVENT/hackatdac21/blob/2341c625a28d2fb87d370e32c45b68bd711cc43b/piton/design/chip/tile/ariane/src/csr_regfile.sv#L519C4-L522C20
Indiening
| Naam | Organisatie | Datum | Releasedatum | Version |
|---|---|---|---|---|
| PLOVER | Draft 3 |
Wijzigingen
| Naam | Organisatie | Datum | Opmerking |
|---|---|---|---|
| Eric Dalci | Cigital | updated Time_of_Introduction | |
| CWE Content Team | MITRE | updated Relationships, Other_Notes, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Other_Notes, Relevant_Properties, Theoretical_Notes | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Relevant_Properties | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description, Observed_Examples, Theoretical_Notes | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Observed_Examples | |
| CWE Content Team | MITRE | updated Demonstrative_Examples, References | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Weakness_Ordinalities |
