目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CWE-131 缓冲区大小计算不正确 类漏洞列表 84

CWE-131 缓冲区大小计算不正确 类弱点 84 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-131属于内存安全类漏洞,指产品在分配缓冲区时未能正确计算所需大小。攻击者通常利用此缺陷触发缓冲区溢出,进而执行恶意代码或导致系统崩溃。开发者应避免此类风险,需严格验证输入长度,使用安全的内存分配函数,并确保在分配前准确计算缓冲区大小,同时实施边界检查以防止越界访问。

MITRE CWE 官方描述
CWE:CWE-131 缓冲区大小计算错误 (Incorrect Calculation of Buffer Size) 英文:产品在分配缓冲区时未能正确计算所需的大小,这可能导致缓冲区溢出 (buffer overflow)。
常见影响 (1)
Integrity, Availability, ConfidentialityDoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands, Read Memory, Modify Memory
If the incorrect calculation is used in the context of memory allocation, then the software may create a buffer that is smaller or larger than expected. If the allocated buffer is smaller than expected, this could lead to an out-of-bounds read or write (CWE-119), possibly causing a crash, allowing a…
缓解措施 (5)
ImplementationWhen allocating a buffer for the purpose of transforming, converting, or encoding an input, allocate enough memory to handle the largest possible encoding. For example, in a routine that converts "&" characters to "&" for HTML entity encoding, the output buffer needs to be at least 5 times as large as the input buffer.
ImplementationUnderstand the programming language's underlying representation and how it interacts with numeric calculation (CWE-681). Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how the language handles numbers that are too large or too small for its underlying representation. [REF-7]…
ImplementationPerform input validation on any numeric input by ensuring that it is within the expected range. Enforce that the input meets both the minimum and maximum requirements for the expected range.
Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
ImplementationWhen processing structured incoming data containing a size field followed by raw data, identify and resolve any inconsistencies between the size field and the actual size of the data (CWE-130).
代码示例 (2)
The following code allocates memory for a maximum number of widgets. It then gets a user-specified number of widgets, making sure that the user does not request too many. It then initializes the elements of the array using InitializeWidget(). Because the number of widgets can vary for each request, the code inserts a NULL pointer to signify the location of the last widget.
int i; unsigned int numWidgets; Widget **WidgetList; numWidgets = GetUntrustedSizeValue(); if ((numWidgets == 0) || (numWidgets > MAX_NUM_WIDGETS)) { ExitError("Incorrect number of widgets requested!"); } WidgetList = (Widget **)malloc(numWidgets * sizeof(Widget *)); printf("WidgetList ptr=%p\n", WidgetList); for(i=0; i<numWidgets; i++) { WidgetList[i] = InitializeWidget(); } WidgetList[numWidgets] = NULL; showWidgets(WidgetList);
Bad · C
The following image processing code allocates a table for images.
img_t table_ptr; /*struct containing img data, 10kB each*/ int num_imgs; ... num_imgs = get_num_imgs(); table_ptr = (img_t*)malloc(sizeof(img_t)*num_imgs); ...
Bad · C
CVE ID标题CVSS风险等级Published
CVE-2026-40618 F5 BIG-IP 安全漏洞 — BIG-IP 7.5 High2026-05-13
CVE-2026-44223 vLLM 安全漏洞 — vllm 6.5 Medium2026-05-12
CVE-2026-1949 Delta Electronics AS320T 安全漏洞 — AS320T 9.8 Critical2026-04-24
CVE-2026-41197 Noir 安全漏洞 — noir 9.8AICriticalAI2026-04-23
CVE-2026-40918 GIMP 安全漏洞 — Red Hat Enterprise Linux 6 5.5 Medium2026-04-15
CVE-2026-20911 Libraw 安全漏洞 — LibRaw 9.8 Critical2026-04-07
CVE-2025-33216 NVIDIA SNAP-4 Container 安全漏洞 — SNAP-4 Container 6.8 Medium2026-03-24
CVE-2019-25555 Pixarra TwistedBrush Pro Studio 安全漏洞 — TwistedBrush Pro Studio 6.2 Medium2026-03-21
CVE-2026-20049 Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞 — Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 7.7 High2026-03-04
CVE-2026-2738 OpenVPN ovpn-dco-win 安全漏洞 — ovpn-dco-win 5.5AIMediumAI2026-02-19
CVE-2025-33124 IBM DB2 Merge Backup 安全漏洞 — DB2 Merge Backup for Linux, UNIX and Windows 6.5 Medium2026-02-17
CVE-2026-1188 Eclipse OMR 安全漏洞 — Eclipse OMR 9.8AICriticalAI2026-01-29
CVE-2026-22791 openCryptoki 安全漏洞 — opencryptoki 6.6 Medium2026-01-13
CVE-2025-66216 AIS-catcher 安全漏洞 — AIS-catcher 9.8 -2025-11-29
CVE-2025-61661 GNU GRUB 安全漏洞 — grub2 4.8 Medium2025-11-18
CVE-2025-27074 Qualcomm Chipsets 安全漏洞 — Snapdragon 8.8 High2025-11-04
CVE-2025-33126 IBM DB2 High Performance Unload 安全漏洞 — DB2 High Performance Unload 6.5 Medium2025-10-27
CVE-2025-27053 Qualcomm Chipsets 安全漏洞 — Snapdragon 7.8 High2025-10-09
CVE-2025-52955 Juniper Networks Junos OS 安全漏洞 — Junos OS 6.5 Medium2025-07-11
CVE-2025-27042 Qualcomm Chipsets 安全漏洞 — Snapdragon 7.8 High2025-07-08
CVE-2025-46723 OpenVM 安全漏洞 — openvm 9.8AICriticalAI2025-05-02
CVE-2025-46688 QuickJS 安全漏洞 — QuickJS 5.6 Medium2025-04-27
CVE-2025-43965 ImageMagick 安全漏洞 — ImageMagick 2.9 Low2025-04-23
CVE-2025-46393 ImageMagick 安全漏洞 — ImageMagick 2.9 Low2025-04-23
CVE-2025-1861 PHP 安全漏洞 — PHP 6.5 -2025-03-30
CVE-2025-30334 OpenBSD 安全漏洞 — OpenBSD 6.5 Medium2025-03-20
CVE-2025-0395 GNU C Library 安全漏洞 — glibc 9.8 -2025-01-22
CVE-2024-11425 Schneider Electric Modicon M580 安全漏洞 — Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety) 7.5 High2025-01-17
CVE-2024-8361 Silicon SiWx91x 安全漏洞 — WiSeConnect SDK 7.5 High2025-01-07
CVE-2024-28052 LevelOne WBR-6012 安全漏洞 — WBR-6012 5.3 Medium2024-10-30

CWE-131(缓冲区大小计算不正确) 是常见的弱点类别,本平台收录该类弱点关联的 84 条 CVE 漏洞。