CWE-823 (Use of Out-of-range Pointer Offset) — Vulnerability Class 86

86 vulnerabilities classified as CWE-823 (Use of Out-of-range Pointer Offset). AI Chinese analysis included.

CWE-823 represents a critical memory safety weakness where software executes pointer arithmetic using an offset that exceeds the bounds of the intended memory region. This flaw typically arises when developers fail to validate calculated addresses against the allocated buffer’s limits, allowing the resulting pointer to reference unauthorized or uninitialized memory locations. Attackers exploit this vulnerability to trigger out-of-bounds reads or writes, potentially leading to information disclosure, application crashes, or arbitrary code execution by overwriting adjacent memory structures. To mitigate this risk, developers must rigorously enforce boundary checks before performing any pointer arithmetic operations. Implementing static analysis tools and dynamic memory sanitizers helps detect invalid offsets during testing, while adhering to safe programming practices ensures that all pointer calculations remain strictly within the allocated memory footprint, thereby preserving application integrity and preventing exploitation.

MITRE CWE Description
The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer. While a pointer can contain a reference to any arbitrary memory location, a program typically only intends to use the pointer to access limited portions of memory, such as contiguous memory used to access an individual array. Programs may use offsets in order to access fields or sub-elements stored within structured data. The offset might be out-of-range if it comes from an untrusted source, is the result of an incorrect calculation, or occurs because of another error. If an attacker can control or influence the offset so that it points outside of the intended boundaries of the structure, then the attacker may be able to read or write to memory locations that are used elsewhere in the product. As a result, the attack might change the state of the product as accessed through program variables, cause a crash or instable behavior, and possibly lead to code execution.

Common Consequences (3)

Confidentiality: Read Memory
If the untrusted pointer is used in a read operation, an attacker might be able to read sensitive portions of memory.

Availability: DoS: Crash, Exit, or Restart
If the untrusted pointer references a memory location that is not accessible to the program, or points to a location that is "malformed" or larger than expected by a read or write operation, the application may terminate unexpectedly.

Integrity, Confidentiality, Availability: Execute Unauthorized Code or Commands, Modify Memory
If the untrusted pointer is used in a function call, or points to unexpected data in a write operation, then code execution may be possible.
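
The weakness described above, shown beside its hardened form. This is an added example, not code from this page, from MITRE, or from any product in the CVE list; the message layout and the function names `field_copy_unchecked` and `field_copy_checked` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed message layout (an assumption for this example):
 *   bytes 0-1  little-endian offset of a field, from the start of the message
 *   bytes 2-3  little-endian length of that field
 *   bytes 4..  payload */
#define HDR_LEN 4u

static size_t rd16(const uint8_t *p) { return (size_t)p[0] | ((size_t)p[1] << 8); }

/* CWE-823 pattern: the offset read from the message is used without
 * being compared against the message bounds. */
int field_copy_unchecked(const uint8_t *msg, size_t msg_len,
                         uint8_t *out, size_t out_cap)
{
    (void)msg_len;                       /* never consulted: that is the bug */
    size_t off = rd16(msg), len = rd16(msg + 2);
    if (len > out_cap) return -1;
    memcpy(out, msg + off, len);         /* msg + off may lie outside msg[] */
    return (int)len;
}

/* Hardened form: validate offset and length before any pointer arithmetic. */
int field_copy_checked(const uint8_t *msg, size_t msg_len,
                       uint8_t *out, size_t out_cap)
{
    if (!msg || !out || msg_len < HDR_LEN) return -1;
    size_t off = rd16(msg), len = rd16(msg + 2);
    if (off < HDR_LEN || off > msg_len) return -1; /* must land in the payload */
    if (len > msg_len - off) return -1;  /* subtraction form cannot wrap */
    if (len > out_cap) return -1;
    memcpy(out, msg + off, len);
    return (int)len;
}

int main(void)
{
    /* Constructed samples: a valid field, then an offset past the end. */
    const uint8_t good[] = { 0x04, 0x00, 0x03, 0x00, 'a', 'b', 'c' };
    const uint8_t bad[]  = { 0x00, 0x01, 0x03, 0x00, 'a', 'b', 'c' };
    uint8_t out[8];
    printf("good: %d\n", field_copy_checked(good, sizeof good, out, sizeof out));
    printf("bad:  %d\n", field_copy_checked(bad, sizeof bad, out, sizeof out));
    return 0;
}
```

The length test is written as `len > msg_len - off` rather than `off + len > msg_len` so that the comparison itself cannot overflow; building the unchecked variant with AddressSanitizer is one way to surface the out-of-range access during testing.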

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-46377 | Weston Embedded uC-FTPs buffer error vulnerability — uC-FTPs | 6.5 | Medium | 2023-05-10 |
| CVE-2022-46378 | Weston Embedded uC-FTPs buffer error vulnerability — uC-FTPs | 6.5 | Medium | 2023-05-10 |
| CVE-2023-2426 | Use of Out-of-range Pointer Offset in vim/vim — vim/vim | 7.8 | - | 2023-04-29 |
| CVE-2022-25709 | Use of Out-of-range Pointer Offset in Data Modem — Snapdragon | 8.4 | High | 2023-03-07 |
| CVE-2022-25694 | Use of Out-of-range Pointer Offset in MODEM — Snapdragon | 8.4 | High | 2023-03-07 |
| CVE-2022-33246 | Use of out-of-range pointer offset in Audio — Snapdragon | 6.7 | Medium | 2023-02-09 |
| CVE-2022-43665 | ESTsoft Alyac security vulnerability — Alyac | 5.5 | - | 2023-02-02 |
| CVE-2022-42264 | NVIDIA GPU Display Driver buffer error vulnerability — vGPU software (guest driver) - Linux, vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager) | 7.1 | High | 2022-12-30 |
| CVE-2022-32142 | CODESYS runtime system prone to denial of service due to use of out of range pointer — Runtime Toolkit | 8.1 | High | 2022-06-24 |
| CVE-2022-21147 | ESTsoft Alyac buffer error vulnerability — Alyac | 5.5 | - | 2022-05-12 |
| CVE-2022-1420 | Use of Out-of-range Pointer Offset in vim/vim — vim/vim | 7.8 | - | 2022-04-21 |
| CVE-2022-0729 | Use of Out-of-range Pointer Offset in vim/vim — vim/vim | 7.8 | - | 2022-02-23 |
| CVE-2022-0685 | Use of Out-of-range Pointer Offset in vim/vim — vim/vim | 7.8 | - | 2022-02-20 |
| CVE-2022-0614 | Use of Out-of-range Pointer Offset in mruby/mruby — mruby/mruby | 7.1 | - | 2022-02-16 |
| CVE-2022-0554 | Use of Out-of-range Pointer Offset in vim/vim — vim/vim | 7.8 | - | 2022-02-10 |
| CVE-2021-34595 | CODESYS V2 runtime: out-of-bounds read or write access may result in denial-of-service — CODESYS V2 | 8.1 | High | 2021-10-26 |
| CVE-2021-3889 | Use of Out-of-range Pointer Offset in bfabiszewski/libmobi — bfabiszewski/libmobi | 8.1 | - | 2021-10-19 |
| CVE-2021-3888 | Use of Out-of-range Pointer Offset in bfabiszewski/libmobi — bfabiszewski/libmobi | 8.1 | - | 2021-10-19 |
| CVE-2021-22550 | Enclave memory overwrite/overread vulnerability in Asylo UntrustedCacheMalloc::GetBuffer — Asylo | 6.5 | Medium | 2021-06-08 |
| CVE-2021-22549 | Arbitrary enclave memory overwrite vulnerability in Asylo TrustedPrimitives::UntrustedCall — Asylo | 6.5 | Medium | 2021-06-08 |
| CVE-2020-27009 | Multiple Siemens products buffer error vulnerability — APOGEE PXC Compact (BACnet) | 8.1 | High | 2021-04-22 |
| CVE-2021-1352 | Cisco IOS XE Software DECnet Phase IV/OSI Denial of Service Vulnerability — Cisco IOS XE Software | 7.4 | High | 2021-03-24 |
| CVE-2020-13573 | Rockwell Automation RSLinx Classic buffer error vulnerability — Rockwell Automation | 7.5 | - | 2021-01-07 |
| CVE-2020-6112 | Nitro Software Nitro Pro security vulnerability — Nitro Pro | 8.8 | - | 2020-09-17 |
| CVE-2020-8904 | Arbitrary trusted memory overwrite vulnerability in Asylo — Asylo | 6.4 | Medium | 2020-08-12 |
| CVE-2016-2161 | Apache HTTP Server security vulnerability — Apache HTTP Server | 7.5 | - | 2017-07-27 |

Vulnerabilities classified as CWE-823 (Use of Out-of-range Pointer Offset) represent 86 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.