CWE-129 (Improper Validation of Array Index) — Vulnerability Class 182

182 vulnerabilities classified as CWE-129 (Improper Validation of Array Index). AI Chinese analysis included.

CWE-129 represents an improper validation of array index weakness where software fails to verify that untrusted input falls within the valid bounds of an array. This vulnerability typically allows attackers to exploit the flaw by supplying malicious values that cause the application to read or write memory outside the intended array boundaries. Such out-of-bounds access can lead to critical security breaches, including data corruption, denial of service, or arbitrary code execution, depending on the memory layout and context. To prevent this issue, developers must implement rigorous input validation checks before using any external data as an array index. This involves ensuring that indices are strictly greater than or equal to zero and less than the array’s defined length. Additionally, utilizing safe programming languages with automatic bounds checking or employing static analysis tools can help identify and mitigate these risks during the development lifecycle.

MITRE CWE Description
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Common Consequences (5)
Integrity, Availability · DoS: Crash, Exit, or Restart
Use of an index that is outside the bounds of an array will very likely result in the corruption of relevant memory and perhaps instructions, leading to a crash, if the values are outside of the valid memory area.
Integrity · Modify Memory
If the memory corrupted is data, rather than instructions, the system will continue to function with improper values.
Confidentiality, Integrity · Modify Memory; Read Memory
Use of an index that is outside the bounds of an array can also trigger out-of-bounds read or write operations, or operations on the wrong objects; i.e., "buffer overflows" are not always the result. This may result in the exposure or modification of sensitive data.
Integrity, Confidentiality, Availability · Execute Unauthorized Code or Commands
If the memory accessible by the attacker can be effectively controlled, it may be possible to execute arbitrary code, as with a standard buffer overflow and possibly without the use of large inputs if a precise index can be controlled.
Integrity, Availability, Confidentiality · DoS: Crash, Exit, or Restart; Execute Unauthorized Code or Commands; Read Memory; Modify Memory
A single fault could allow either an overflow (CWE-788) or underflow (CWE-786) of the array index. What happens next will depend on the type of operation being performed out of bounds, but can expose sensitive information, cause a system crash, or possibly lead to arbitrary code execution.
Mitigations (5)
Architecture and Design · Use an input validation framework such as Struts or the OWASP ESAPI Validation API. Note that using a framework does not automatically address all input validation problems; be mindful of weaknesses that could arise from misusing the framework itself (CWE-1173).
Architecture and Design · For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server. Even though clien…
Requirements · Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, Ada allows the programmer to constrain the values of a variable and languages such as Java and Ruby will allow the programmer to handle exceptions when an out-of-bounds index is accessed.
Operation, Build and Compilation · Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code. Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported…
Effectiveness: Defense in Depth
Operation · Use a CPU and operating system that offers Data Execution Protection (using hardware NX or XD bits) or the equivalent techniques that simulate this feature in software, such as PaX [REF-60] [REF-61]. These techniques ensure that any instruction executed is exclusively at a memory address that is part of the code segment. For more information on these techniques see D3-PSEP (Process Segment Executi…
Effectiveness: Defense in Depth
Examples (2)
In the code snippet below, an untrusted integer value is used to reference an object in an array.
    public String getValue(int index) {
        return array[index];
    }
Bad · Java
The following example takes a user-supplied value to allocate an array of objects and then operates on the array.
    private void buildList(int untrustedListSize) {
        if (0 > untrustedListSize) {
            die("Negative value supplied for list size, die evil hacker!");
        }
        Widget[] list = new Widget[untrustedListSize];
        list[0] = new Widget();
    }
Bad · Java
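A hardened form of the two Java examples above, added here as an illustration and not part of the MITRE entry. The class name BoundedIndexDemo, the Widget stub, the MAX_LIST_SIZE limit and the sample inputs are assumptions. In the second example a size of 0 passes the negative-value check, so list[0] then indexes an empty array.

```java
import java.util.Optional;

// Added example, not MITRE's code. Widget, MAX_LIST_SIZE and the sample
// inputs are assumptions made for this illustration.
public class BoundedIndexDemo {
    static final int MAX_LIST_SIZE = 1024;          // assumed application limit
    private final String[] array = {"alpha", "beta", "gamma"};

    static class Widget {}

    // Hardened getValue: accept the index only if 0 <= index < array.length.
    public Optional<String> getValue(int index) {
        if (index < 0 || index >= array.length) {
            return Optional.empty();                // reject instead of indexing
        }
        return Optional.of(array[index]);
    }

    // Hardened buildList: the original check (0 > size) lets 0 through, and
    // list[0] on a zero-length array throws ArrayIndexOutOfBoundsException.
    // Require at least one slot and cap the size before allocating.
    public Widget[] buildList(int untrustedListSize) {
        if (untrustedListSize < 1 || untrustedListSize > MAX_LIST_SIZE) {
            throw new IllegalArgumentException(
                "list size must be between 1 and " + MAX_LIST_SIZE);
        }
        Widget[] list = new Widget[untrustedListSize];
        list[0] = new Widget();
        return list;
    }

    public static void main(String[] args) {
        BoundedIndexDemo demo = new BoundedIndexDemo();
        // Constructed inputs: in range, negative, one past the end, extreme.
        for (int index : new int[] {1, -1, 3, Integer.MAX_VALUE}) {
            System.out.println("getValue(" + index + ") -> "
                + demo.getValue(index).orElse("<rejected>"));
        }
        // Constructed sizes: valid, zero (passes the original check), negative, huge.
        for (int size : new int[] {4, 0, -5, Integer.MAX_VALUE}) {
            try {
                System.out.println("buildList(" + size + ") -> length "
                    + demo.buildList(size).length);
            } catch (IllegalArgumentException e) {
                System.out.println("buildList(" + size + ") rejected: " + e.getMessage());
            }
        }
    }
}
```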
CVE ID · Title · CVSS · Severity · Published
CVE-2023-35126 · JustSystems Ichitaro buffer error vulnerability — Ichitaro 2023 · 7.8 · High · 2023-10-19
CVE-2023-24850 · Improper Validation of Array Index in HLOS — Snapdragon · 7.8 · High · 2023-10-03
CVE-2023-28573 · Improper Validation of Array Index in WLAN HAL — Snapdragon · 7.8 · High · 2023-09-05
CVE-2023-28567 · Improper Validation of Array Index in WLAN HAL — Snapdragon · 7.8 · High · 2023-09-05
CVE-2023-28565 · Improper Validation of Array Index in WLAN HAL — Snapdragon · 7.8 · High · 2023-09-05
CVE-2023-28558 · Improper Validation of Array Index in WLAN HAL — Snapdragon · 7.8 · High · 2023-09-05
CVE-2023-28557 · Improper Validation of Array Index in WLAN HAL — Snapdragon · 7.8 · High · 2023-09-05
CVE-2023-28548 · Improper Validation of Array Index in WLAN HAL — Snapdragon · 7.8 · High · 2023-09-05
CVE-2023-21636 · Improper Validation of Array Index in Linux — Snapdragon · 6.7 · Medium · 2023-09-05
CVE-2022-40534 · Improper Validation of Array Index in Audio — Snapdragon · 8.4 · High · 2023-09-05
CVE-2022-33275 · Improper validation of array index in WLAN HAL — Snapdragon · 8.4 · High · 2023-09-05
CVE-2023-21650 · Improper Validation of Array Index in GPS HLOS Driver — Snapdragon · 6.7 · Medium · 2023-08-08
CVE-2023-29458 · Duktape 2.6 bug crashes JavaScript putting too many values in valstack. — Zabbix · 5.9 · Medium · 2023-07-13
CVE-2023-2570 · Schneider Electric EcoStruxure Foxboro DCS input validation error vulnerability — EcoStruxure Foxboro DCS Control Core Services · 7.0 · High · 2023-06-14
CVE-2023-0950 · Array Index UnderFlow in Calc Formula Parsing — LibreOffice · 8.8 · - · 2023-05-25
CVE-2022-33281 · Improper validation of array index in computer vision. — Snapdragon · 6.7 · Medium · 2023-05-02
CVE-2023-28004 · Schneider Electric PowerLogic input validation error vulnerability — PowerLogic HDPM6000 · 9.8 · Critical · 2023-04-18
CVE-2023-2008 · Linux kernel input validation error vulnerability — Linux kernel udmabuf device driver · 7.8 · - · 2023-04-14
CVE-2022-33302 · Improper validation of array index in User Identity Module — Snapdragon · 6.8 · Medium · 2023-04-04
CVE-2022-33289 · Improper validation of array index in Modem — Snapdragon · 6.8 · Medium · 2023-04-04
CVE-2023-20080 · Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability — Cisco IOS · 8.6 · High · 2023-03-23
CVE-2022-40537 · Improper Validation of Array Index in Bluetooth HOST — Snapdragon · 7.3 · High · 2023-03-07
CVE-2022-33256 · Improper validation of array index in Multi-mode call processor — Snapdragon · 9.8 · Critical · 2023-03-07
CVE-2023-0755 · PTC ThingWorx Edge input validation error vulnerability — ThingWorx Edge C-SDK · 9.8 · Critical · 2023-02-23
CVE-2023-22401 · Junos OS and Junos OS Evolved: PTX10008, PTX10016: When a specific SNMP MIB is queried the FPC will crash — Junos OS · 7.5 · High · 2023-01-12
CVE-2023-22408 · Junos OS: SRX 5000 Series: Upon processing of a specific SIP packet an FPC can crash — Junos OS · 7.5 · High · 2023-01-12
CVE-2022-2951 · Altair HyperView Player input validation error vulnerability — HyperView Player · 7.8 · High · 2022-12-13
CVE-2022-46152 · OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function — optee_os · 8.2 · High · 2022-11-29
CVE-2022-31135 · Maliciously crafted evidence packet may cause denial of service — akashi · 6.5 · Medium · 2022-07-07
CVE-2022-31603 · NVIDIA DGX input validation error vulnerability — NVIDIA DGX A100 · 6.4 · Medium · 2022-07-04

Vulnerabilities classified as CWE-129 (Improper Validation of Array Index) represent 182 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.