
CWE-126 Buffer Over-read: vulnerability list (417)

A summary of 417 CVE vulnerabilities in the CWE-126 Buffer Over-read weakness class, with AI analysis in Chinese.

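CWE-126 Buffer Over-read is a memory-safety weakness in which a program uses an index or pointer to access memory past the end of the target buffer. An attacker can exploit it to read sensitive data or crash the program, which can lead to information disclosure or denial of service. To avoid it, developers should strictly validate memory access bounds, ensure that reads and writes stay within the buffer's valid range, and use safe memory-handling functions to prevent out-of-bounds access.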

MITRE CWE official description
CWE: CWE-126 Buffer Over-read
Description: The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
Common consequences (3)
Confidentiality: Read Memory
Confidentiality: Bypass Protection Mechanism
By reading out-of-bounds memory, an attacker might be able to get secret values, such as memory addresses, which can bypass protection mechanisms such as ASLR in order to improve the reliability and likelihood of exploiting a separate weakness to achieve code execution instead of just denial of serv…
Availability, Integrity: DoS: Crash, Exit, or Restart
An attacker might be able to cause a crash or other denial of service by causing the product to read a memory location that is not allowed (such as a segmentation fault), or to cause other conditions in which the read operation returns more data than is expected.
Code examples (2)
In the following C/C++ example the method processMessageFromSocket() will get a message from a socket, placed into a buffer, and will parse the contents of the buffer into a structure that contains the message length and the message body. A for loop is used to copy the message body into a local character string which will be passed to another method for processing.
int processMessageFromSocket(int socket) {
    int success = 0;  /* defined result when no message is received */
    char buffer[BUFFER_SIZE];
    char message[MESSAGE_SIZE];

    // get message from socket and store into buffer
    // Ignoring possibility that buffer > BUFFER_SIZE
    if (getMessage(socket, buffer, BUFFER_SIZE) > 0) {

        // place contents of the buffer into message structure
        ExMessage *msg = recastBuffer(buffer);

        // copy message body into string for processing
        // (msgLength comes from the message itself and is never checked)
        int index;
        for (index = 0; index < msg->msgLength; index++) {
            message[index] = msg->msgBody[index];
        }
        message[index] = '\0';

        // process message
        success = processMessage(message);
    }
    return success;
}
Bad · C
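A hardened counterpart to the example above, added here and not part of the MITRE text or any project's code: the declared length is checked against the bytes actually received (the over-read) and against the destination capacity before anything is copied. The 2-byte big-endian length prefix, the `MESSAGE_SIZE` value and the names `extract_body`, `demo_ok` and `demo_lie` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MESSAGE_SIZE 64   /* assumed capacity of the destination string */
#define HEADER_LEN   2    /* assumed wire layout: 2-byte big-endian length, then body */

/*
 * Copy the message body out of buf (of which `received` bytes are valid)
 * into out (capacity out_cap) and NUL-terminate it.
 * Returns the body length, or -1 if the declared length is not backed by
 * received data or does not fit the destination.
 */
int extract_body(const unsigned char *buf, size_t received,
                 char *out, size_t out_cap)
{
    if (buf == NULL || out == NULL || out_cap == 0)
        return -1;
    if (received < HEADER_LEN)
        return -1;                         /* the header itself is truncated */

    size_t declared = ((size_t)buf[0] << 8) | buf[1];

    /* Over-read guard: the sender's length must not exceed what arrived. */
    if (declared > received - HEADER_LEN)
        return -1;
    /* Overflow guard: leave room for the terminator in the destination. */
    if (declared >= out_cap)
        return -1;

    memcpy(out, buf + HEADER_LEN, declared);
    out[declared] = '\0';
    return (int)declared;
}

/* Constructed sample inputs. */
static const unsigned char ok_msg[]  = { 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
static const unsigned char lie_msg[] = { 0x00, 0x28, 'h', 'i' }; /* claims 40 bytes, carries 2 */

int demo_ok(void)  { char m[MESSAGE_SIZE]; return extract_body(ok_msg,  sizeof ok_msg,  m, sizeof m); }
int demo_lie(void) { char m[MESSAGE_SIZE]; return extract_body(lie_msg, sizeof lie_msg, m, sizeof m); }

int main(void)
{
    printf("well-formed: %d, lying length: %d\n", demo_ok(), demo_lie());
    return 0;
}
```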
The following C/C++ example demonstrates a buffer over-read due to a missing NULL terminator. The main method of a pattern matching utility that looks for a specific pattern within a specific file uses the string strncpy() method to copy the command line user input file name and pattern to the Filename and Pattern character arrays respectively.
int main(int argc, char **argv) {
    char Filename[256];
    char Pattern[32];

    /* Validate number of parameters and ensure valid content ... */

    /* copy filename parameter to variable, may cause off-by-one overflow */
    strncpy(Filename, argv[1], sizeof(Filename));

    /* copy pattern parameter to variable, may cause off-by-one overflow */
    strncpy(Pattern, argv[2], sizeof(Pattern));

    printf("Searching file: %s for the pattern: %s\n", Filename, Pattern);
    Scan_File(Filename, Pattern);
}
Bad · C
/* copy filename parameter to variable, no off-by-one overflow */
strncpy(Filename, argv[1], sizeof(Filename)-1);
Filename[255]='\0';

/* copy pattern parameter to variable, no off-by-one overflow */
strncpy(Pattern, argv[2], sizeof(Pattern)-1);
Pattern[31]='\0';
Good · C
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-21661 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 7.5 | High | 2023-06-06 |
| CVE-2023-21660 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 7.5 | High | 2023-06-06 |
| CVE-2023-21659 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 7.5 | High | 2023-06-06 |
| CVE-2023-21658 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 7.5 | High | 2023-06-06 |
| CVE-2023-24942 | Microsoft Windows Remote Procedure Call Runtime security vulnerability — Windows 10 Version 1809 | 7.5 | High | 2023-05-09 |
| CVE-2023-24901 | Microsoft Windows NFS Portmapper security vulnerability — Windows 10 Version 1809 | 7.5 | High | 2023-05-09 |
| CVE-2022-33273 | Qualcomm chip buffer error vulnerability — Snapdragon | 7.3 | High | 2023-05-02 |
| CVE-2022-40505 | Qualcomm chip buffer error vulnerability — Snapdragon | 8.2 | High | 2023-05-02 |
| CVE-2023-24513 | Arista Networks CloudEOS buffer error vulnerability — EOS | 6.5 | Medium | 2023-04-12 |
| CVE-2023-28267 | Microsoft Windows RDP Client security vulnerability — Windows 10 Version 1809 | 6.5 | Medium | 2023-04-11 |
| CVE-2023-28266 | Microsoft Windows Common Log File System Driver security vulnerability — Windows 10 Version 1809 | 5.5 | Medium | 2023-04-11 |
| CVE-2023-24883 | Microsoft PostScript Printer Driver security vulnerability — Windows 10 Version 1809 | 6.5 | Medium | 2023-04-11 |
| CVE-2022-40503 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-33297 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 6.8 | Medium | 2023-04-04 |
| CVE-2022-33295 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-33291 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-33287 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-33258 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-33228 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-33222 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-25747 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-25730 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2022-25726 | Qualcomm Chipsets buffer error vulnerability — Snapdragon | 8.2 | High | 2023-04-04 |
| CVE-2023-20112 | Cisco Access Point buffer error vulnerability — Cisco Aironet Access Point Software | 7.4 | High | 2023-03-23 |
| CVE-2023-24870 | Microsoft PostScript Printer Driver security vulnerability — Windows 10 Version 1809 | 6.5 | Medium | 2023-03-14 |
| CVE-2023-24858 | Microsoft PostScript Printer Driver security vulnerability — Windows 10 Version 1809 | 7.5 | High | 2023-03-14 |
| CVE-2023-24857 | Microsoft PostScript Printer Driver security vulnerability — Windows 10 Version 1809 | 6.5 | Medium | 2023-03-14 |
| CVE-2022-40535 | Google Android buffer error vulnerability — Snapdragon | 7.5 | High | 2023-03-07 |
| CVE-2022-33309 | Google Android buffer error vulnerability — Snapdragon | 7.5 | High | 2023-03-07 |
| CVE-2023-21701 | Microsoft Windows Protected EAP security vulnerability — Windows 10 Version 1809 | 7.5 | High | 2023-02-14 |

CWE-126 (Buffer Over-read) is a common weakness category; this platform lists 417 CVE vulnerabilities associated with it.