CWE-823 - Use of Out-of-range Pointer Offset

Description

As the pointer contains reference only to the certain memory location, a program has access to limited memory portions. To obtain fields or sub-elements within structured data programs may use offsets that can be out-of-range because they come from untrusted source. If attacker's can to monitor the offsets, they can easily access any memory location, influence or stop the functionality or cause code execution.

Latest vulnerabilities for CWE-823

Multiple vulnerabilities in Google Android 2024-03-04
High Yes

Multiple vulnerabilities in Qualcomm chipsets 2024-03-04
High Yes

Multiple vulnerabilities in Google Android 2024-02-06
High Yes

Multiple vulnerabilities in Google Pixel 2024-02-06
Low Yes

Multiple vulnerabilities in Qualcomm chipsets 2024-02-05
High Yes

Multiple vulnerabilities in Samsung Mobile Firmware 2024-01-08
Critical Yes

Multiple vulnerabilities in Google Android 2024-01-03
High Yes

Multiple vulnerabilities in Qualcomm chipsets 2024-01-01
High Yes

Multiple vulnerabilities in Google Pixel 2023-12-06
High Yes

Multiple vulnerabilities in Google Android 2023-12-04
High Yes

References

Description of CWE-823 on Mitre website