CWE-190: Integer Overflow or Wraparound

low-risk

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Abstraction: Base

Common Consequences

Availability → DoS: Crash, Exit, or Restart

Integrity → Modify Memory

Confidentiality → Execute Unauthorized Code or Commands

Availability → Alter Execution Logic

Access Control → Bypass Protection Mechanism

Detection Methods

Automated Static Analysis

This weakness can often be detected using automated static analysis tools. Many modern tools use data flow analysis or constraint-based techniques to minimize the number of false positives.

Black Box

Sometimes, evidence of this weakness can be detected using dynamic tools and techniques that interact with the product using large test suites with many diverse inputs, such as fuzz testing (fuzzing), robustness testing, and fault injection. The product's operation may slow down, but it should not become unstable, crash, or generate incorrect results.

Manual Analysis

This weakness can be detected using tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session. Specifically, manual static analysis is useful for evaluating the correctness of allocation calculations. This can be useful for detecting overflow conditions (CWE-190) or similar weaknesses that might have serious security impacts on the program.

Automated Static Analysis - Binary or Bytecode

According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Bytecode Weakness Analysis - including disassembler + source code weakness analysis Binary Weakness Analysis - including disassembler + source code weakness analysis

Dynamic Analysis with Manual Results Interpretation

According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Fuzz Tester Framework-based Fuzzer

Manual Static Analysis - Source Code

According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Manual Source Code Review (not inspections)

Automated Static Analysis - Source Code

According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Source code Weakness Analyzer Context-configured Source Code Weakness Analyzer

Architecture or Design Review

According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Formal Methods / Correct-By-Construction Cost effective for partial coverage: Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.)

Real-World Examples (10)

CVE	CVSS	EPSS	KEV
CVE-2017-7529	7.5	92.9%	—
CVE-2017-7529	7.5	92.9%	—
CVE-2021-40346	7.5	92.4%	—
CVE-2023-21716	9.8	91.4%	—
CVE-2013-2729	9.8	89.5%	Y
CVE-2013-2729	9.8	89.5%	Y
CVE-2015-8651	8.8	89.0%	Y
CVE-2015-8651	8.8	89.0%	Y
CVE-2018-6065	8.8	88.8%	Y
CVE-2018-6065	8.8	88.8%	Y

/ 100

low-risk

Active Threat 5/50 · Minimal

Exploit Availability 1/50 · Minimal