Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-191 (整数下溢(超界折返)) — Vulnerability Class 212

212 vulnerabilities classified as CWE-191 (整数下溢(超界折返)). AI Chinese analysis included.

CWE-191, Integer Underflow, is a software weakness occurring when a subtraction operation yields a result smaller than the minimum representable integer value, causing an unintended wraparound. This flaw typically arises in both signed and unsigned integer contexts, leading to incorrect calculations that can compromise program logic. Attackers often exploit this vulnerability to manipulate memory allocation sizes or loop counters, potentially triggering buffer overflows or denial-of-service conditions by forcing the system to allocate insufficient resources or enter infinite loops. To mitigate this risk, developers must implement rigorous input validation to ensure operands remain within safe bounds before arithmetic operations. Additionally, using language features that provide automatic bounds checking or employing larger integer types for intermediate calculations can prevent underflow. Regular static analysis and thorough testing are essential to identify and rectify these subtle arithmetic errors before deployment.

MITRE CWE Description
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result. This can happen in signed and unsigned cases.
Common Consequences (3)
AvailabilityDoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Instability
This weakness will generally lead to undefined behavior and therefore crashes. In the case of overflows involving loop index variables, the likelihood of infinite loops is also high.
IntegrityModify Memory
If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.
Confidentiality, Availability, Access ControlExecute Unauthorized Code or Commands, Bypass Protection Mechanism
This weakness can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.
Examples (2)
The following example subtracts from a 32 bit signed integer.
#include <stdio.h> #include <stdbool.h> main (void) { int i; i = -2147483648; i = i - 1; return 0; }
Bad · C
This code performs a stack allocation based on a length calculation.
int a = 5, b = 6; size_t len = a - b; char buf[len];    // Just blows up the stack }
Bad · C
CVE IDTitleCVSSSeverityPublished
CVE-2024-5256 Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability — Era 100 6.5AIMediumAI2024-06-06
CVE-2024-32975 Envoy crashes in QuicheDataReader::PeekVarInt62Length() — envoy 5.9 Medium2024-06-04
CVE-2024-30011 Windows Hyper-V Denial of Service Vulnerability — Windows Server 2019 6.5 Medium2024-05-14
CVE-2024-30008 Windows DWM Core Library Information Disclosure Vulnerability — Windows 10 Version 1809 5.5 Medium2024-05-14
CVE-2023-42118 Exim libspf2 Integer Underflow Remote Code Execution Vulnerability — libspf2 8.8 -2024-05-03
CVE-2024-32040 FreeRDP vulnerable to integer underflow in nsc_rle_decode — FreeRDP 8.1 High2024-04-22
CVE-2024-28933 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability — Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) 8.8 High2024-04-09
CVE-2024-28930 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability — Microsoft SQL Server 2019 (CU 25) 8.8 High2024-04-09
CVE-2024-26208 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — Windows 10 Version 1809 7.2 High2024-04-09
CVE-2024-26244 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability — Windows 10 Version 1809 8.8 High2024-04-09
CVE-2024-28945 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability — Microsoft SQL Server 2019 (GDR) 8.8 High2024-04-09
CVE-2024-23313 Biosig Project libbiosig 数字错误漏洞 — libbiosig 9.8 Critical2024-02-20
CVE-2024-0565 Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client 6.8 Medium2024-01-15
CVE-2024-21309 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability — Windows Server 2022 7.8 High2024-01-09
CVE-2023-39413 GTKWave 数字错误漏洞 — GTKWave 7.0 High2024-01-08
CVE-2023-39414 GTKWave 数字错误漏洞 — GTKWave 7.0 High2024-01-08
CVE-2023-48298 Integer underflow leading to stack overflow in FPC codec decompression — ClickHouse 5.9 Medium2023-12-21
CVE-2023-43628 GPSd 数字错误漏洞 — GPSd 5.9 Medium2023-12-05
CVE-2023-33059 Buffer Copy Without Checking Size of Input in Audio — Snapdragon 7.8 High2023-11-07
CVE-2023-22308 SoftEther VPN 数字错误漏洞 — SoftEther VPN 7.5 High2023-10-12
CVE-2023-36785 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability — Microsoft SQL Server 2019 (GDR) 7.8 High2023-10-10
CVE-2023-44378 gnark vulnerable to unsoundness in variable comparison/non-unique binary decomposition — gnark 7.1 High2023-10-09
CVE-2023-32653 Accusoft ImageGear 缓冲区错误漏洞 — ImageGear 9.8 Critical2023-09-25
CVE-2023-36794 Visual Studio Remote Code Execution Vulnerability — Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) 7.8 High2023-09-12
CVE-2023-36796 Visual Studio Remote Code Execution Vulnerability — Microsoft Visual Studio 2022 version 17.6 7.8 High2023-09-12
CVE-2023-38162 DHCP Server Service Denial of Service Vulnerability — Windows Server 2019 7.5 High2023-09-12
CVE-2023-39350 Incorrect offset calculation leading to denial of service in FreeRDP — FreeRDP 5.9 Medium2023-08-31
CVE-2023-35387 Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability — Windows 10 Version 1809 8.8 High2023-08-08
CVE-2023-36909 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability — Windows 10 Version 1809 6.5 Medium2023-08-08
CVE-2022-28733 Integer underflow in grub_net_recv_ip4_packets — GNU GRUB 8.1 High2023-07-20

Vulnerabilities classified as CWE-191 (整数下溢(超界折返)) represent 212 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.