212 vulnerabilities classified as CWE-191 (Integer Underflow (Wrap or Wraparound)). AI Chinese analysis included.
CWE-191, Integer Underflow, is a software weakness occurring when a subtraction operation yields a result smaller than the minimum representable integer value, causing an unintended wraparound. This flaw typically arises in both signed and unsigned integer contexts, leading to incorrect calculations that can compromise program logic. Attackers often exploit this vulnerability to manipulate memory allocation sizes or loop counters, potentially triggering buffer overflows or denial-of-service conditions by forcing the system to allocate insufficient resources or enter infinite loops. To mitigate this risk, developers must implement rigorous input validation to ensure operands remain within safe bounds before arithmetic operations. Additionally, using language features that provide automatic bounds checking or employing larger integer types for intermediate calculations can prevent underflow. Regular static analysis and thorough testing are essential to identify and rectify these subtle arithmetic errors before deployment.
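As an added example (not code from the CWE page), the unchecked `a - b` length computation from the demonstrative example is shown beside a checked version that rejects a negative difference before it can be converted to a huge `size_t`; the function names `unchecked_len`, `sub_int_checked`, `checked_len` and `make_buffer` are assumptions for this illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Unchecked length as in the CWE example: for a = 5, b = 6 the int result
 * is -1, and converting it to size_t wraps to SIZE_MAX. */
size_t unchecked_len(int a, int b) {
    return (size_t)(a - b);
}

/* Checked signed subtraction: false when a - b would leave the int range
 * (undefined behaviour in C) instead of silently wrapping. */
bool sub_int_checked(int a, int b, int *out) {
    if ((b > 0 && a < INT_MIN + b) || (b < 0 && a > INT_MAX + b))
        return false;
    *out = a - b;
    return true;
}

/* Hardened length: a negative difference is rejected before it can be
 * converted to a huge unsigned size. */
bool checked_len(int a, int b, size_t *len) {
    int diff;
    if (!sub_int_checked(a, b, &diff) || diff < 0)
        return false;
    *len = (size_t)diff;
    return true;
}

/* Heap buffer sized from the checked length; NULL on underflow or OOM. */
char *make_buffer(int a, int b) {
    size_t len;
    if (!checked_len(a, b, &len))
        return NULL;
    char *buf = malloc(len + 1);
    if (buf == NULL)
        return NULL;
    memset(buf, 'A', len);
    buf[len] = '\0';
    return buf;
}

int main(void) {
    char *ok = make_buffer(6, 5);        /* one byte, "A" */
    free(ok);
    return make_buffer(5, 6) == NULL ? 0 : 1;  /* 5 - 6 is rejected */
}
```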
```c
#include <stdio.h>
#include <stdbool.h>

/* CWE-191 demonstrative example 1: subtracting 1 from INT_MIN.
 * Signed underflow is undefined behaviour in C; on common targets the
 * value wraps to 2147483647. */
int main(void)
{
  int i;
  i = -2147483648;
  i = i - 1;
  return 0;
}
```

```c
#include <stddef.h>

/* CWE-191 demonstrative example 2: a - b is -1, and converting it to
 * size_t wraps to SIZE_MAX, so the variable-length array is enormous. */
void example2(void)
{
  int a = 5, b = 6;
  size_t len = a - b;
  char buf[len]; // Just blows up the stack
}
```

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-1628 | Cisco Integrated Management Controller Denial of Service Vulnerability — Cisco Unified Computing System (Management Software) | 5.5 | - | 2019-06-20 |
| CVE-2018-14817 | Fuji Electric V-Server VPR Numeric Error Vulnerability — V-Server | 9.8 | - | 2018-09-26 |
Vulnerabilities classified as CWE-191 (Integer Underflow (Wrap or Wraparound)) represent 212 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.