CWE-191

Integer Underflow (Wrap or Wraparound)

Base

Draft

Description

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

This can happen in signed and unsigned cases.

Parent Weaknesses (ChildOf)

CWE-682: Incorrect Calculation...

Common Consequences

Scope

Availability

Impact

DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Instability

Scope

Integrity

Impact

Modify Memory

Scope

Confidentiality

Availability

Access Control

Impact

Execute Unauthorized Code or Commands, Bypass Protection Mechanism

CVE-2004-0816

Integer underflow in firewall via malformed packet.

CVE-2004-1002

Integer underflow by packet with invalid length.

CVE-2005-0199

Long input causes incorrect length calculation.

CVE-2005-1891

Malformed icon causes integer underflow in loop counter variable.

Applicable Platforms

C++

Java

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-191

Integer Underflow (Wrap or Wraparound)

Description

Relationships

Common Consequences

Related CVEs

Applicable Platforms