Skip to main content

Integer Overflow

memory MEDIUM

Integer overflow occurs when an arithmetic operation produces a result that exceeds the maximum value a given integer type can store.

How It Works

Integer overflow occurs when an arithmetic operation produces a result that exceeds the maximum value a given integer type can store. In C/C++, this causes the value to "wrap around" to a small number—for example, if a 32-bit unsigned integer at maximum value (4,294,967,295) has 1 added, it wraps to 0. Attackers exploit this by providing carefully crafted input values that, when used in calculations, produce unexpectedly small results.

The most dangerous scenario involves memory allocation. An attacker supplies large values that overflow during size calculations (often when adding header sizes, element counts, or alignment padding), producing a small allocation size. When the program later writes the originally intended large amount of data into this undersized buffer, a heap overflow occurs. For instance: size = user_count * sizeof(struct) + header might overflow if user_count is sufficiently large, resulting in malloc() allocating a tiny buffer that subsequent operations overflow.

Integer overflows also enable logic bypasses. Length checks can be circumvented when overflowed values appear to pass validation. Loop bounds may become incorrect, causing excessive iterations or premature termination. Signed integer overflow (technically undefined behavior in C/C++) can flip positive values to negative, bypassing security checks that assume non-negative numbers.

Impact

  • Heap buffer overflow: Undersized allocations lead to memory corruption, enabling arbitrary code execution
  • Authentication bypass: Overflowed counters or size checks may skip security validations
  • Denial of service: Invalid memory operations cause crashes or infinite loops
  • Information disclosure: Incorrect bounds allow reading beyond intended memory regions
  • Privilege escalation: Combined with memory corruption, can compromise system integrity

Real-World Examples

The OpenSSH authentication bypass (CVE-2002-0639) involved an integer overflow in challenge-response handling where the number of responses could overflow, allowing authentication bypass. The overflow caused allocation of insufficient memory, which subsequent code exploited to execute arbitrary code.

ImageMagick suffered multiple integer overflow vulnerabilities (CVE-2016-3714 and related) where maliciously crafted image files with extreme dimension values caused size calculations to overflow. This resulted in small heap allocations followed by large writes, enabling remote code execution through image processing.

The Linux kernel's do_brk() function (CVE-2003-0961) contained an integer overflow when calculating memory region sizes. Attackers could wrap the size value to bypass length checks and map memory at arbitrary locations, achieving local privilege escalation.

Mitigation

  • Safe arithmetic libraries: Use compiler intrinsics (__builtin_add_overflow) or libraries (SafeInt, Rust's checked arithmetic) that detect overflow
  • Pre-calculation validation: Check that operands won't overflow before performing arithmetic operations
  • Compiler protections: Enable -ftrapv (GCC) or /RTCc (MSVC) to trap signed overflow; use UBSan for detection
  • Use larger types: Perform calculations in 64-bit integers when operands are 32-bit, verify result fits before casting down
  • Input validation: Enforce maximum reasonable values on user input before arithmetic
  • Modern languages: Use languages with overflow checking (Rust, Swift) or arbitrary precision integers (Python, Java BigInteger)

Recent CVEs (2762)

EPSS 0% CVSS 7.8
HIGH This Week

Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Bridge
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Photoshop
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Photoshop
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An integer overflow was addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Apple
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group (AG) size using 1 <<. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Linux Denial Of Service +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup() Change the array size to follow parms size instead of a fixed value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +4
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Libxmp through 4.6.2 has a stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file. Rated medium severity (CVSS 5.6), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow Buffer Overflow Suse
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption Camera kernel when large number of devices are attached through userspace. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Fastconnect 6900 Firmware +13
NVD
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow RCE Model 3 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An integer overflow was addressed with improved input validation. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apple
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Gimp +1
NVD VulDB
EPSS 0% CVSS 3.3
LOW POC PATCH Monitor

DragonflyDB Dragonfly through 1.28.2 (fixed in 1.29.0) allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Dragonfly
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result to unsigned long to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a couple integer overflows on 32bit systems On 32bit systems the "off + sizeof(struct NTFS_DE)" addition can have an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer overflow in hdr_first_de() The "de_off" and "used" variables come from the disk so they both need to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: udp: Fix multiple wraparounds of sk->sk_rmem_alloc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A low privileged user can set the date of the devices to the 19th of January 2038 an therefore exceed the 32-Bit time limit. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure
NVD
EPSS 0% CVSS 8.1
HIGH POC PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.1), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Oracle Authentication Bypass +3
NVD GitHub
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). Rated medium severity (CVSS 5.6), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Sqlite +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an integer overflow or wraparound vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Dell Denial Of Service +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Adobe RCE +1
NVD
EPSS 0% CVSS 3.2
LOW Monitor

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. Rated low severity (CVSS 3.2), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow Buffer Overflow Sqlite
NVD GitHub
EPSS 0% CVSS 3.7
LOW Monitor

A flaw was found in GLib. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Integer Overflow Buffer Overflow
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Openharmony
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Denial Of Service Threadx Netx Duo
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow Denial Of Service Threadx Netx Duo
NVD GitHub
EPSS 0% CVSS 4.0
MEDIUM POC PATCH Monitor

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Poppler +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaic_validate_req() These are u64 variables that come from the user via. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xp_create_and_assign_umem() Since the i and pool->chunk_size variables are of type 'u32', their. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 7.9
HIGH This Week

Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of confidentiality, integrity or availability. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Amd
NVD
EPSS 0% CVSS 7.9
HIGH This Week

Integer overflow within the AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to a loss of confidentiality, integrity, or availability. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Amd
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Integer overflow within AMD NPU Driver could allow a local attacker to write out of bounds, potentially leading to loss of integrity or availability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Amd
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X Cube Azrt H7Rs +9
NVD
EPSS 0% CVSS 4.3
MEDIUM POC Monitor

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X Cube Azrt H7Rs +9
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X Cube Azrt H7Rs +9
NVD
EPSS 0% CVSS 4.3
MEDIUM POC This Month

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Denial Of Service X Cube Azrt H7Rs +9
NVD
EPSS 1% CVSS 9.3
CRITICAL POC PATCH Act Now

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Cryptolib
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot [1] corrupted filesystem exposes two flaws in the handling. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Google Buffer Overflow +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Add u64 casts to avoid overflowing The fields of the _CPC object are unsigned 32-bits values. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: use casting of u64 in clock multiplication to avoid overflow In functions i2c_dw_scl_lcnt() and i2c_dw_scl_hcnt(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +4
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Juno +1
NVD GitHub
EPSS 0% CVSS 2.1
LOW Monitor

Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code. Rated low severity (CVSS 2.1), this vulnerability is no authentication required. No vendor patch available.

Integer Overflow Buffer Overflow
NVD
EPSS 2% CVSS 8.9
HIGH POC PATCH This Week

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow RCE +2
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

containerd is an open-source container runtime. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Containerd +3
NVD GitHub
EPSS 0% CVSS 3.5
LOW Monitor

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Deserialization Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 7.3
HIGH PATCH This Week

A vulnerability classified as critical was found in libzvb versions up to 0.2.43. contains a security vulnerability (CVSS 7.3).

Integer Overflow Suse
NVD GitHub VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

A vulnerability classified as critical has been found in libzvb versions up to 0.2.43. contains a security vulnerability (CVSS 7.3).

Integer Overflow Suse
NVD GitHub VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

A vulnerability was found in libzvb versions up to 0.2.43. contains a security vulnerability (CVSS 4.3).

Integer Overflow Suse
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

A vulnerability was found in libzvb versions up to 0.2.43. contains a security vulnerability (CVSS 5.3).

Integer Overflow Suse
NVD GitHub VulDB
EPSS 0% CVSS 8.4
HIGH This Week

In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]

Privilege Escalation Integer Overflow
NVD
EPSS 0% CVSS 3.8
LOW Monitor

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Openharmony
NVD
EPSS 0% CVSS 3.8
LOW Monitor

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow RCE Openharmony
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A flaw was found in grub2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow RCE +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A stack overflow flaw was found when reading a BFS file system. Rated medium severity (CVSS 4.1). No vendor patch available.

Integer Overflow Denial Of Service Grub2 +2
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

An integer overflow flaw was found in the BFS file system driver in grub2. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Grub2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Transient DOS can occur while processing UCI command. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Fastconnect 7800 Firmware +17
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In da, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix integer overflows on 32 bit systems On 32bit systems the addition operations in ipc_msg_alloc() can potentially overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfs_fiemap() Since nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix integer overflow bug on 32 bit systems Most of these sizes and counts are capped at 256MB so the math doesn't. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() The "submit->cmd[i].size" and "submit->cmd[i].offset" variables are. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get() This patch fixes a potential integer overflow in the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in rose_setsockopt() In case of possible unpredictably large arguments passed to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl->tot_len" variable is controlled by the user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fix integer overflow on 32bit systems The problem is this multiply in tps6594_rtc_set_offset() tmp = offset *. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in __ip6_append_data Resurrect ubsan overflow checks and ubsan report this warning, fix it by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg When len >= INT_MAX - transhdrlen, ulen = len + transhdrlen will be overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: fix runtime PM underflow Commit dbad41e7bb5f ("dmaengine: qcom: bam_dma: check if the runtime pm. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Linux Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Linux Nvidia +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow Current implementation is not able to configure more than 32 pins due to incorrect data. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the size of the key. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Linux Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Linux Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectors_per_clusters When the NTFS BOOT sectors_per_clusters field is > 0x80, it represents a shift value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2l_wdt: Fix 32bit overflow issue The value of timer_cycle_us can be 0 due to 32bit overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type In zynqmp_dma_alloc/free_chan_resources functions there is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: uaccess: fix integer overflow on access_ok() Three architectures check the end of a user access against the address limit without. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Integer Overflow Buffer Overflow Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvc_decode_writeargs() Smatch complains: fs/nfsd/nfsxdr.c:341 nfssvc_decode_writeargs() warn: no. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Integer Overflow Linux Information Disclosure +3
NVD
Prev Page 7 of 31 Next

Quick Facts

Typical Severity
MEDIUM
Category
memory
Total CVEs
2762

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy