Home/CWE/Improper Write Handling in Limited-write Non-Volatile Memories
Weakness

Improper Write Handling in Limited-write Non-Volatile Memories

CWE-1246 · Base · Incomplete

The product does not implement or incorrectly implements wear leveling operations in limited-write non-volatile memories.

Extended description

Non-volatile memories such as NAND Flash, EEPROM, etc. have individually erasable segments, each of which can be put through a limited number of program/erase or write cycles. For example, the device can only endure a limited number of writes, after which the device becomes unreliable. In order to wear out the cells in a uniform manner, non-volatile memory and storage products based on the above-mentioned technologies implement a technique called wear leveling.

Once a set threshold is reached, wear leveling maps writes of a logical block to a different physical block. This prevents a single physical block from prematurely failing due to a high concentration of writes.

Weakness Relationships

Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOfCWE-400 · Uncontrolled Resource Consumption

Attack Patterns (CAPEC)

1
How adversaries exploit this weakness, per MITRE CAPEC.
CAPEC-212Functionality Misuse

CVEs With This Weakness

2
CVEs tagged with this weakness.
CVECVE-2024-36432
CVECVE-2023-32229
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin