Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-682 (数值计算不正确) — Vulnerability Class 42

42 vulnerabilities classified as CWE-682 (数值计算不正确). AI Chinese analysis included.

CWE-682 represents a logic error where software performs calculations that yield incorrect or unintended results, subsequently influencing security-critical decisions or resource management. This weakness is typically exploited by attackers who manipulate input data to trigger arithmetic overflow, underflow, or precision errors, causing the system to miscalculate buffer sizes, access permissions, or authentication thresholds. Consequently, these miscalculations can lead to unauthorized privilege escalation, denial of service through resource exhaustion, or data corruption. To prevent such vulnerabilities, developers must implement rigorous input validation and employ safe arithmetic libraries that detect overflows before they occur. Additionally, using static analysis tools to identify risky mathematical operations and conducting thorough code reviews for complex logic ensures that calculations remain accurate and secure under all expected and unexpected input conditions.

MITRE CWE Description
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management. When product performs a security-critical calculation incorrectly, it might lead to incorrect resource allocations, incorrect privilege assignments, or failed comparisons among other things. Many of the direct results of an incorrect calculation can lead to even larger problems such as failed protection mechanisms or even arbitrary code execution.
Common Consequences (4)
AvailabilityDoS: Crash, Exit, or Restart
If the incorrect calculation causes the program to move into an unexpected state, it may lead to a crash or impairment of service.
Integrity, Confidentiality, AvailabilityDoS: Crash, Exit, or Restart, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands
If the incorrect calculation is used in the context of resource allocation, it could lead to an out-of-bounds operation (CWE-119) leading to a crash or even arbitrary code execution. Alternatively, it may result in an integer overflow (CWE-190) and / or a resource consumption problem (CWE-400).
Access ControlGain Privileges or Assume Identity
In the context of privilege or permissions assignment, an incorrect calculation can provide an attacker with access to sensitive resources.
Access ControlBypass Protection Mechanism
If the incorrect calculation leads to an insufficient comparison (CWE-697), it may compromise a protection mechanism such as a validation routine and allow an attacker to bypass the security-critical code.
Mitigations (5)
ImplementationUnderstand your programming language's underlying representation and how it interacts with numeric calculation. Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how your language handles numbers that are too large or too small for its underlying representation.
ImplementationPerform input validation on any numeric input by ensuring that it is within the expected range. Enforce that the input meets both the minimum and maximum requirements for the expected range.
ImplementationUse the appropriate type for the desired action. For example, in C/C++, only use unsigned types for values that could never be negative, such as height, width, or other numbers related to quantity.
Architecture and DesignUse languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences. Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Architecture and DesignUse languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences. Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Examples (2)
The following image processing code allocates a table for images.
img_t table_ptr; /*struct containing img data, 10kB each*/ int num_imgs; ... num_imgs = get_num_imgs(); table_ptr = (img_t*)malloc(sizeof(img_t)*num_imgs); ...
Bad · C
This code attempts to calculate a football team's average number of yards gained per touchdown.
... int touchdowns = team.getTouchdowns(); int yardsGained = team.getTotalYardage(); System.out.println(team.getName() + " averages " + yardsGained / touchdowns + "yards gained for every touchdown scored"); ...
Bad · Java
CVE IDTitleCVSSSeverityPublished
CVE-2022-26517 F5 BIG-IP 安全漏洞 — BIG-IP 5.9 Medium2022-05-05
CVE-2022-23628 Array literal misordering in github.com/open-policy-agent/opa — opa 6.3 Medium2022-02-09
CVE-2022-23028 F5 BIG-IP AFM 安全漏洞 — BIG-IP AFM 5.3 -2022-01-25
CVE-2022-23011 F5 BIG-IP 安全漏洞 — BIG-IP 7.5 -2022-01-25
CVE-2021-41222 Segfault due to negative splits in `SplitV` — tensorflow 5.5 Medium2021-11-05
CVE-2021-41122 Bounds check missing for decimal args in Vyper — vyper 4.3 Medium2021-10-05
CVE-2021-34573 Incorrect calculation in Enbra EWM does not report backflows or no flow events — AT-WMBUS-16-2 6.2 Medium2021-09-16
CVE-2021-31440 Linux Kernel 安全漏洞 — Kernel 7.0 -2021-05-21
CVE-2020-28393 多款 Siemens 设备安全漏洞 — SCALANCE XM-400, XR-500 7.5 -2021-05-12
CVE-2020-26265 Consensus flaw during block processing — go-ethereum 5.3 Medium2020-12-11
CVE-2020-26240 Erroneous Proof of Work calculation in geth — go-ethereum 5.3 Medium2020-11-25
CVE-2020-26241 Shallow copy bug in geth — go-ethereum 6.5 Medium2020-11-25

Vulnerabilities classified as CWE-682 (数值计算不正确) represent 42 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.