The software can be influenced by an attacker to open more files than are supported by the system.
There are at least three distinct scenarios which can commonly lead to file descriptor exhaustion:
Lack of throttling for the number of open file descriptors
Losing all references to a file descriptor before reaching the shutdown stage
Not closing file descriptors after processing
Time of Introduction
Architecture and Design
Likelihood of Exploit
Low to Medium
Phases: Implementation; Architecture and Design
If file I/O is being supported by an application for multiple users,
balancing the resource allotment across the group may help to prevent
exhaustion as well as differentiate malicious activity from an
insufficient resource pool.
Consider using the getrlimit() function, declared in the sys/resource.h
header, to determine how many files the process is currently allowed to
open.
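The following is an added example, not part of the original entry: one way to combine the getrlimit() check with throttling, so a component stops opening files before the whole process runs out of descriptors. The names fd_budget_init, guarded_open, guarded_close and fd_held, and the app_cap and reserve parameters, are hypothetical; the sketch assumes a single-threaded caller.

```c
#include <errno.h>
#include <fcntl.h>
#include <sys/resource.h>
#include <unistd.h>

/* Hypothetical helper state; not thread-safe (assumes one caller thread). */
static long fd_budget = 0;  /* max descriptors this component may hold */
static long fd_in_use = 0;  /* descriptors currently held via guarded_open */

/* Derive a budget from the soft RLIMIT_NOFILE limit, keeping `reserve`
 * descriptors free for stdio, sockets and libraries, and never exceeding
 * `app_cap`. Returns the budget, or -1 if the limit cannot be read. */
long fd_budget_init(long app_cap, long reserve)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0)
        return -1;
    long avail = (rl.rlim_cur == RLIM_INFINITY) ? app_cap
                                                : (long)rl.rlim_cur - reserve;
    if (avail < 0)
        avail = 0;
    fd_budget = (avail < app_cap) ? avail : app_cap;
    fd_in_use = 0;
    return fd_budget;
}

/* Open read-only, refusing once the budget is spent so that untrusted
 * requests cannot push the whole process into EMFILE. */
int guarded_open(const char *path)
{
    if (fd_in_use >= fd_budget) {
        errno = EMFILE;
        return -1;
    }
    int fd = open(path, O_RDONLY);
    if (fd >= 0)
        fd_in_use++;
    return fd;
}

/* Close a descriptor from guarded_open and hand its slot back. */
int guarded_close(int fd)
{
    int rc = close(fd);
    if (rc == 0 && fd_in_use > 0)
        fd_in_use--;
    return rc;
}

long fd_held(void) { return fd_in_use; }
```

Pairing every guarded_open with a guarded_close on all exit paths addresses the "not closing after processing" scenario; the budget check addresses the missing throttle.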