1 vulnerabilities classified as CWE-675 (对资源的重复操作). AI Chinese analysis included.
CWE-675 represents a resource management weakness where a system redundantly applies an operation to a single resource within a context that expects only one execution. This flaw typically arises when developers fail to track whether a specific action, such as closing a file or releasing a lock, has already been performed. Exploitation often leads to resource exhaustion, double-free vulnerabilities, or unexpected state corruption, as the second operation may attempt to manipulate an already invalidated or closed resource. To prevent this, developers must implement strict state tracking mechanisms, ensuring that operations are idempotent or guarded by conditional checks before execution. Utilizing design patterns like the Singleton or implementing explicit flags to monitor resource status can effectively mitigate this risk, ensuring that critical operations occur exactly once per intended lifecycle.
char* ptr = (char*)malloc (SIZE); ... if (abrt) { free(ptr); } ... free(ptr);void bind_socket(void) { int server_sockfd; int server_len; struct sockaddr_in server_address; /*unlink the socket if already bound to avoid an error when bind() is called*/ unlink("server_socket"); server_sockfd = socket(AF_INET, SOCK_STREAM, 0); server_address.sin_family = AF_INET; server_address.sin_port = 21; server_address.sin_addr.s_addr = htonl(INADDR_ANY); server_len = sizeof(struct sockaddr_in); bind(server_sockfd, (struct sockaddr *) &s1, server_len); }| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68973 | GNUPG 安全漏洞 — GnuPG | 7.8 | High | 2025-12-28 |
Vulnerabilities classified as CWE-675 (对资源的重复操作) represent 1 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.