CWE-191 (Integer Underflow (Wrap or Wraparound)) — Vulnerability Class 212

212 vulnerabilities classified as CWE-191 (Integer Underflow (Wrap or Wraparound)). AI Chinese analysis included.

CWE-191, Integer Underflow, is a software weakness occurring when a subtraction operation yields a result smaller than the minimum representable integer value, causing an unintended wraparound. This flaw typically arises in both signed and unsigned integer contexts, leading to incorrect calculations that can compromise program logic. Attackers often exploit this vulnerability to manipulate memory allocation sizes or loop counters, potentially triggering buffer overflows or denial-of-service conditions by forcing the system to allocate insufficient resources or enter infinite loops. To mitigate this risk, developers must implement rigorous input validation to ensure operands remain within safe bounds before arithmetic operations. Additionally, using language features that provide automatic bounds checking or employing larger integer types for intermediate calculations can prevent underflow. Regular static analysis and thorough testing are essential to identify and rectify these subtle arithmetic errors before deployment.

MITRE CWE Description
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result. This can happen in signed and unsigned cases.
Common Consequences (3)
Availability · DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Instability
This weakness will generally lead to undefined behavior and therefore crashes. In the case of overflows involving loop index variables, the likelihood of infinite loops is also high.
Integrity · Modify Memory
If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.
Confidentiality, Availability, Access Control · Execute Unauthorized Code or Commands, Bypass Protection Mechanism
This weakness can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.
Examples (2)
The following example subtracts from a 32 bit signed integer.
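#include <stdio.h>
#include <stdbool.h>

int main(void)
{
    int i;
    i = -2147483648;   /* minimum value of a 32-bit signed int */
    i = i - 1;         /* result is below the minimum representable value */
    return 0;
}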
Bad · C
This code performs a stack allocation based on a length calculation.
int a = 5, b = 6;
size_t len = a - b;   /* -1 converted to size_t wraps to the maximum value */
char buf[len];        // Just blows up the stack
Bad · C
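A hardened counterpart to the two examples above, added here and not part of the MITRE entry: the operands are checked before the subtraction, and the resulting length is bounded before it sizes an allocation. The names `checked_sub_int`, `checked_sub_size`, `copy_payload`, `HDR_LEN` and `MAX_PAYLOAD` are hypothetical and chosen for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Signed case: a - b is representable only if it stays in [INT_MIN, INT_MAX].
   Test the operands first; signed overflow itself is undefined behaviour. */
bool checked_sub_int(int a, int b, int *out)
{
    if ((b > 0 && a < INT_MIN + b) || (b < 0 && a > INT_MAX + b))
        return false;
    *out = a - b;
    return true;
}

/* Unsigned case: a - b wraps to a huge value whenever b > a. */
bool checked_sub_size(size_t a, size_t b, size_t *out)
{
    if (b > a)
        return false;
    *out = a - b;
    return true;
}

#define HDR_LEN 6u          /* hypothetical fixed header size */
#define MAX_PAYLOAD 1024u   /* hypothetical upper bound on payload */

/* Returns a heap copy of the payload, or NULL if the lengths are unsafe.
   On success *payload_len holds total_len - HDR_LEN. */
unsigned char *copy_payload(const unsigned char *pkt, size_t total_len,
                            size_t *payload_len)
{
    size_t len;
    if (pkt == NULL || !checked_sub_size(total_len, HDR_LEN, &len))
        return NULL;                    /* short packet: would have wrapped */
    if (len == 0 || len > MAX_PAYLOAD)
        return NULL;                    /* bound the allocation size too */
    unsigned char *buf = malloc(len);
    if (buf != NULL) {
        memcpy(buf, pkt + HDR_LEN, len);
        *payload_len = len;
    }
    return buf;
}
```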
CVE ID · Title · CVSS · Severity · Published
CVE-2025-14547 · ECJ-PAKE Integer Underflow Vulnerability in Silicon Labs PSA Crypto and SE Manager APIs — Simplicity SDK · 7.5 (AI) · High (AI) · 2026-02-20
CVE-2025-48021 · Yokogawa Electric Corporation Vnet/IP Interface security vulnerability — Vnet/IP Interface Package · 7.5 (AI) · High (AI) · 2026-02-13
CVE-2025-1924 · Yokogawa Electric Corporation Vnet/IP Interface security vulnerability — Vnet/IP Interface Package · 9.8 (AI) · Critical (AI) · 2026-02-13
CVE-2026-25532 · ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow — esp-idf · 6.3 · Medium · 2026-02-04
CVE-2025-62291 · strongSwan numeric error vulnerability — strongSwan · 8.1 · High · 2026-01-16
CVE-2026-20957 · Microsoft Excel Remote Code Execution Vulnerability — Microsoft 365 Apps for Enterprise · 7.8 · High · 2026-01-13
CVE-2025-62567 · Windows Hyper-V Denial of Service Vulnerability — Windows 10 Version 1607 · 5.3 · Medium · 2025-12-09
CVE-2025-59368 · ASUS Router security vulnerability — Router · 6.5 (AI) · Medium (AI) · 2025-11-25
CVE-2025-11931 · Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt — wolfSSL · 9.8 · - · 2025-11-21
CVE-2025-61835 · Substance3D - Stager | Integer Underflow (Wrap or Wraparound) (CWE-191) — Substance3D - Stager · 7.8 · High · 2025-11-11
CVE-2025-61826 · Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191) — Illustrator on iPad · 7.8 · High · 2025-11-11
CVE-2025-61836 · Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191) — Illustrator on iPad · 7.8 · High · 2025-11-11
CVE-2025-55096 · Inadequate bounds check and potential underflow in _ux_host_class_hid_report_descriptor_get() — NetX Duo · 8.2 (AI) · High (AI) · 2025-10-17
CVE-2025-62495 · Type confusion in string addition in QuickJS — QuickJS · 9.8 (AI) · Critical (AI) · 2025-10-16
CVE-2025-23335 · NVIDIA Triton Inference Server numeric error vulnerability — Triton Inference Server · 4.4 · Medium · 2025-08-06
CVE-2025-3947 · Integer underflow during processing of short network packets in CDA FTEB responder — C300 PCNT02 · 8.2 · High · 2025-07-10
CVE-2025-2523 · Lack of buffer clearing before reuse may result in incorrect system behavior. — C300 PCNT02 · 9.4 · Critical · 2025-07-10
CVE-2025-47097 · InCopy | Integer Underflow (Wrap or Wraparound) (CWE-191) — InCopy · 7.8 · High · 2025-07-08
CVE-2025-47128 · Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191) — Adobe Framemaker · 7.8 · High · 2025-07-08
CVE-2025-47130 · Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191) — Adobe Framemaker · 7.8 · High · 2025-07-08
CVE-2025-49532 · Illustrator | Integer Underflow (Wrap or Wraparound) (CWE-191) — Illustrator · 7.8 · High · 2025-07-08
CVE-2025-47136 · InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191) — InDesign Desktop · 7.8 · High · 2025-07-08
CVE-2025-47996 · Windows MBT Transport Driver Elevation of Privilege Vulnerability — Windows 10 Version 1507 · 7.8 · High · 2025-07-08
CVE-2023-28902 · Denial of Service via integer underflow in picserver — Volkswagen MIB3 infotainment system MIB3 OI MQB · 3.3 · Low · 2025-06-28
CVE-2025-1991 · IBM Informix Dynamic Server denial of service — Informix Dynamic Server · 7.5 · High · 2025-06-28
CVE-2025-52471 · ESP-NOW Integer Underflow Vulnerability Advisory — esp-idf · 9.8 (AI) · Critical (AI) · 2025-06-24
CVE-2024-54028 · Catdoc security vulnerability — catdoc · 8.4 · High · 2025-06-02
CVE-2025-49112 · Valkey numeric error vulnerability — Valkey · 3.1 · Low · 2025-06-02
CVE-2025-4948 · Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup · 7.5 · High · 2025-05-19
CVE-2025-30668 · Zoom Workplace Apps - NULL Pointer Dereference — Zoom Workplace Apps · 6.5 · Medium · 2025-05-14

Vulnerabilities classified as CWE-191 (Integer Underflow (Wrap or Wraparound)) represent 212 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.