CWE-911 - Improper Update of Reference Count

Description

The software uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count. Reference counts can be used when tracking how many objects contain a reference to a particular resource, such as in memory management or garbage collection. When the reference count reaches zero, the resource can be de-allocated or reused because there are no more objects that use it. If the reference count accidentally reaches zero, then the resource might be released too soon, even though it is still in use. If all objects no longer use the resource, but the reference count is not zero, then the resource might not ever be released. The weakness is introduced during Implementation stage.

Latest vulnerabilities for CWE-911

Multiple vulnerabilities in Dell EMC VxRail Appliance 2023-07-20
High Yes

Local denial of service in Linux Kernel netdevsim 2023-04-13
Low Yes

Multiple vulnerabilities in IBM Spectrum Protect Plus 2023-03-20
Medium Yes

Multiple vulnerabilities in Dell Secure Connect Gateway 2023-02-23
High Yes

Multiple vulnerabilities in IBM Spectrum Copy Data Management 2023-01-26
Medium Yes

Multiple vulnerabilities in Dell VxRail Appliance components 2023-01-09
High Yes

Multiple vulnerabilities in Dell NetWorker vProxy 2022-12-06
High Yes

Multiple vulnerabilities in Dell EMC Data Protection Central 2022-11-15
High Yes

Multiple vulnerabilities in Oracle Linux 2022-10-20
Critical Yes

Multiple vulnerabilities in IBM Cloud Object Storage Systems 2022-09-23
High Yes

References

Description of CWE-911 on Mitre website