CWE-682
DiscouragedIncorrect Calculation
Abstraction: Pillar · Status: Draft
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.
159 vulnerabilities reference this CWE, most recent first.
CVE-2022-23066 (GCVE-0-2022-23066)
Vulnerability from cvelistv5 – Published: 2022-05-09 06:25 – Updated: 2024-09-16 17:53- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://github.com/solana-labs/rbpf/commit/e61e04… | x_refsource_MISC |
| https://www.whitesourcesoftware.com/vulnerability… | x_refsource_MISC |
| https://blocksecteam.medium.com/how-a-critical-bu… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| solana-labs | rbpf |
Affected:
0.2.26 , < unspecified
(custom)
Affected: unspecified , ≤ 0.2.27 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:43.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/solana-labs/rbpf/commit/e61e045f8c244de978401d186dcfd50838817297"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23066"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blocksecteam.medium.com/how-a-critical-bug-in-solana-network-was-detected-and-timely-patched-a701870e1324"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rbpf",
"vendor": "solana-labs",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0.2.26",
"versionType": "custom"
},
{
"lessThanOrEqual": "0.2.27",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "BlockSec"
}
],
"datePublic": "2022-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects both integrity and may cause serious availability problems."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-12T13:20:08.000Z",
"orgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
"shortName": "Mend"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/solana-labs/rbpf/commit/e61e045f8c244de978401d186dcfd50838817297"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23066"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blocksecteam.medium.com/how-a-critical-bug-in-solana-network-was-detected-and-timely-patched-a701870e1324"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade version to 0.2.28 or higher"
}
],
"source": {
"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
"discovery": "UNKNOWN"
},
"title": "Solana rBPF - Incorrect Calculation in sdiv instruction",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
"DATE_PUBLIC": "2022-05-08T14:15:00.000Z",
"ID": "CVE-2022-23066",
"STATE": "PUBLIC",
"TITLE": "Solana rBPF - Incorrect Calculation in sdiv instruction"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rbpf",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "0.2.26"
},
{
"version_affected": "\u003c=",
"version_value": "0.2.27"
}
]
}
}
]
},
"vendor_name": "solana-labs"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "BlockSec"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects both integrity and may cause serious availability problems."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682 Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/solana-labs/rbpf/commit/e61e045f8c244de978401d186dcfd50838817297",
"refsource": "MISC",
"url": "https://github.com/solana-labs/rbpf/commit/e61e045f8c244de978401d186dcfd50838817297"
},
{
"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23066",
"refsource": "MISC",
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23066"
},
{
"name": "https://blocksecteam.medium.com/how-a-critical-bug-in-solana-network-was-detected-and-timely-patched-a701870e1324",
"refsource": "MISC",
"url": "https://blocksecteam.medium.com/how-a-critical-bug-in-solana-network-was-detected-and-timely-patched-a701870e1324"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade version to 0.2.28 or higher"
}
],
"source": {
"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
"assignerShortName": "Mend",
"cveId": "CVE-2022-23066",
"datePublished": "2022-05-09T06:25:09.088Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:53:00.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23028 (GCVE-0-2022-23028)
Vulnerability from cvelistv5 – Published: 2022-01-25 19:11 – Updated: 2024-08-03 03:28- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://support.f5.com/csp/article/K16101409 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BIG-IP AFM |
Affected:
16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:43.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K16101409"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP AFM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when global AFM SYN cookie protection (TCP Half Open flood vector) is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682: Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-25T19:11:35.000Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K16101409"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2022-23028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP AFM",
"version": {
"version_data": [
{
"version_value": "16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when global AFM SYN cookie protection (TCP Half Open flood vector) is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682: Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K16101409",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K16101409"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2022-23028",
"datePublished": "2022-01-25T19:11:35.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:28:43.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23011 (GCVE-0-2022-23011)
Vulnerability from cvelistv5 – Published: 2022-01-25 19:11 – Updated: 2024-08-03 03:28- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://support.f5.com/csp/article/K68755210 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K68755210"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "15.1.x before 15.1.4 and 14.1.x before 14.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682: Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-25T19:11:20.000Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K68755210"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2022-23011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "15.1.x before 15.1.4 and 14.1.x before 14.1.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682: Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K68755210",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K68755210"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2022-23011",
"datePublished": "2022-01-25T19:11:20.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:28:42.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23001 (GCVE-0-2022-23001)
Vulnerability from cvelistv5 – Published: 2022-07-29 18:51 – Updated: 2024-08-03 03:28- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://www.westerndigital.com/support/product-se… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | Sweet B Library |
Affected:
Sweet B Library , < v2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sweet B Library",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "v2",
"status": "affected",
"version": "Sweet B Library",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user\u0027s assistance can exploit this vulnerability with only knowledge of the public key and the library. The resulting output may cause an error when used in other operations; for instance, verification of a valid signature under a decompressed public key may fail. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-29T18:51:26.000Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities"
}
],
"solutions": [
{
"lang": "en",
"value": "The vulnerability was addressed by correcting the choice of sign bit in the affected routines. To get the latest version of the Sweet B library, update your local repository from https://github.com/westerndigitalcorporation/sweet-b"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Sweet-B Library: Point compress/decompress using the wrong bit for sign",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@wdc.com",
"ID": "CVE-2022-23001",
"STATE": "PUBLIC",
"TITLE": "Sweet-B Library: Point compress/decompress using the wrong bit for sign"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sweet B Library",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Sweet B Library",
"version_value": "v2"
}
]
}
}
]
},
"vendor_name": "Western Digital"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user\u0027s assistance can exploit this vulnerability with only knowledge of the public key and the library. The resulting output may cause an error when used in other operations; for instance, verification of a valid signature under a decompressed public key may fail. This may be leveraged by an attacker to cause an error scenario in applications which use the library, resulting in a limited denial of service for an individual user. The scope of impact cannot extend to other components."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682 Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities",
"refsource": "MISC",
"url": "https://www.westerndigital.com/support/product-security/wdc-22013-sweet-b-incorrect-output-vulnerabilities"
}
]
},
"solution": [
{
"lang": "en",
"value": "The vulnerability was addressed by correcting the choice of sign bit in the affected routines. To get the latest version of the Sweet B library, update your local repository from https://github.com/westerndigitalcorporation/sweet-b"
}
],
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2022-23001",
"datePublished": "2022-07-29T18:51:26.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:28:42.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41222 (GCVE-0-2021-41222)
Vulnerability from cvelistv5 – Published: 2021-11-05 22:30 – Updated: 2024-08-04 03:08- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://github.com/tensorflow/tensorflow/security… | x_refsource_CONFIRM |
| https://github.com/tensorflow/tensorflow/commit/2… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| tensorflow | tensorflow |
Affected:
>= 2.6.0, < 2.6.1
Affected: >= 2.5.0, < 2.5.2 Affected: < 2.4.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tensorflow",
"vendor": "tensorflow",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.6.0, \u003c 2.6.1"
},
{
"status": "affected",
"version": "\u003e= 2.5.0, \u003c 2.5.2"
},
{
"status": "affected",
"version": "\u003c 2.4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever `size_splits` contains more than one value and at least one value is negative. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682: Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T22:30:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6"
}
],
"source": {
"advisory": "GHSA-cpf4-wx82-gxp6",
"discovery": "UNKNOWN"
},
"title": "Segfault due to negative splits in `SplitV`",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41222",
"STATE": "PUBLIC",
"TITLE": "Segfault due to negative splits in `SplitV`"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tensorflow",
"version": {
"version_data": [
{
"version_value": "\u003e= 2.6.0, \u003c 2.6.1"
},
{
"version_value": "\u003e= 2.5.0, \u003c 2.5.2"
},
{
"version_value": "\u003c 2.4.4"
}
]
}
}
]
},
"vendor_name": "tensorflow"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever `size_splits` contains more than one value and at least one value is negative. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682: Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6"
},
{
"name": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6"
}
]
},
"source": {
"advisory": "GHSA-cpf4-wx82-gxp6",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41222",
"datePublished": "2021-11-05T22:30:11.000Z",
"dateReserved": "2021-09-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:08:31.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41122 (GCVE-0-2021-41122)
Vulnerability from cvelistv5 – Published: 2021-10-05 23:00 – Updated: 2024-08-04 02:59- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://github.com/vyperlang/vyper/security/advis… | x_refsource_CONFIRM |
| https://github.com/vyperlang/vyper/pull/2447 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:59:31.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-c7pr-343r-5c46"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vyperlang/vyper/pull/2447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vyper",
"vendor": "vyperlang",
"versions": [
{
"status": "affected",
"version": "\u003c 0.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions external functions did not properly validate the bounds of decimal arguments. The can lead to logic errors. This issue has been resolved in version 0.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682: Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-05T23:00:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-c7pr-343r-5c46"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vyperlang/vyper/pull/2447"
}
],
"source": {
"advisory": "GHSA-c7pr-343r-5c46",
"discovery": "UNKNOWN"
},
"title": "Bounds check missing for decimal args in Vyper",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41122",
"STATE": "PUBLIC",
"TITLE": "Bounds check missing for decimal args in Vyper"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vyper",
"version": {
"version_data": [
{
"version_value": "\u003c 0.3.0"
}
]
}
}
]
},
"vendor_name": "vyperlang"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions external functions did not properly validate the bounds of decimal arguments. The can lead to logic errors. This issue has been resolved in version 0.3.0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682: Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/vyperlang/vyper/security/advisories/GHSA-c7pr-343r-5c46",
"refsource": "CONFIRM",
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-c7pr-343r-5c46"
},
{
"name": "https://github.com/vyperlang/vyper/pull/2447",
"refsource": "MISC",
"url": "https://github.com/vyperlang/vyper/pull/2447"
}
]
},
"source": {
"advisory": "GHSA-c7pr-343r-5c46",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41122",
"datePublished": "2021-10-05T23:00:11.000Z",
"dateReserved": "2021-09-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T02:59:31.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34573 (GCVE-0-2021-34573)
Vulnerability from cvelistv5 – Published: 2021-09-16 12:20 – Updated: 2024-09-17 02:21- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://www.fit.vutbr.cz/~polcak/CVE-2021-34573.en | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Enbra | AT-WMBUS-16-2 |
Affected:
all
|
|
| Enbra | ER-AM DN 15 |
Affected:
ER-AM DN 15/SV all
Affected: ER-AM DN 15/TV all |
|
| Enbra | EWM 1.7.29 |
Affected:
03.11.2019
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:46.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34573.en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AT-WMBUS-16-2",
"vendor": "Enbra",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"product": "ER-AM DN 15",
"vendor": "Enbra",
"versions": [
{
"status": "affected",
"version": "ER-AM DN 15/SV all"
},
{
"status": "affected",
"version": "ER-AM DN 15/TV all"
}
]
},
{
"product": "EWM 1.7.29",
"vendor": "Enbra",
"versions": [
{
"status": "affected",
"version": "03.11.2019"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Libor POL\u010c\u00c1K reported to CERT@VDE"
}
],
"datePublic": "2021-08-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events backflow and \"no flow\" are not reconized or misinterpreted. This may lead to wrong values and missing events."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-16T12:20:18.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34573.en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect calculation in Enbra EWM does not report backflows or no flow events",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2021-08-31T22:00:00.000Z",
"ID": "CVE-2021-34573",
"STATE": "PUBLIC",
"TITLE": "Incorrect calculation in Enbra EWM does not report backflows or no flow events"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AT-WMBUS-16-2",
"version": {
"version_data": [
{
"version_value": "all"
}
]
}
},
{
"product_name": "ER-AM DN 15",
"version": {
"version_data": [
{
"version_name": "ER-AM DN 15/SV",
"version_value": "all"
},
{
"version_name": "ER-AM DN 15/TV",
"version_value": "all"
}
]
}
},
{
"product_name": "EWM 1.7.29",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "03.11.2019"
}
]
}
}
]
},
"vendor_name": "Enbra"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Libor POL\u010c\u00c1K reported to CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events backflow and \"no flow\" are not reconized or misinterpreted. This may lead to wrong values and missing events."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682 Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34573.en",
"refsource": "CONFIRM",
"url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34573.en"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2021-34573",
"datePublished": "2021-09-16T12:20:18.226Z",
"dateReserved": "2021-06-10T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:21:48.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31440 (GCVE-0-2021-31440)
Vulnerability from cvelistv5 – Published: 2021-05-21 14:30 – Updated: 2024-08-03 22:55- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2021070… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-503/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=10bf4e83167cc68595b85fd73bb91e8f2c086e36"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210706-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kernel",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.11.15"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Manfred Paul"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-13661."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682: Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-06T07:06:33.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-503/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=10bf4e83167cc68595b85fd73bb91e8f2c086e36"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210706-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-31440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"version_value": "5.11.15"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"credit": "Manfred Paul",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-13661."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682: Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-503/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-503/"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=10bf4e83167cc68595b85fd73bb91e8f2c086e36",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=10bf4e83167cc68595b85fd73bb91e8f2c086e36"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210706-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210706-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-31440",
"datePublished": "2021-05-21T14:30:14.000Z",
"dateReserved": "2021-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:55:53.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28393 (GCVE-0-2020-28393)
Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-04 16:33- CWE-682 - INCORRECT CALCULATION CWE-682
| URL | Tags |
|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | SCALANCE XM-400, XR-500 |
Affected:
All versions prior to v6.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:33:59.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SCALANCE XM-400, XR-500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to v6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "INCORRECT CALCULATION CWE-682",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-13T12:00:54.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-28393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SCALANCE XM-400, XR-500",
"version": {
"version_data": [
{
"version_value": "All versions prior to v6.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device on the SCALANCE XM-400, XR-500 (All versions prior to v6.4)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INCORRECT CALCULATION CWE-682"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-10"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-28393",
"datePublished": "2021-05-12T13:18:22.000Z",
"dateReserved": "2020-11-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T16:33:59.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26265 (GCVE-0-2020-26265)
Vulnerability from cvelistv5 – Published: 2020-12-11 16:45 – Updated: 2024-08-04 15:56- CWE-682 - Incorrect Calculation
| URL | Tags |
|---|---|
| https://github.com/ethereum/go-ethereum/security/… | x_refsource_CONFIRM |
| https://github.com/ethereum/go-ethereum/releases/… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| ethereum | go-ethereum |
Affected:
>= 1.9.4, < 1.9.20
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:56:03.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-xw37-57qp-9mm4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.9.20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "go-ethereum",
"vendor": "ethereum",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.9.4, \u003c 1.9.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go Ethereum, or \"Geth\", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade release version 1.9.20. No individual workaround patches have been made -- all users are recommended to upgrade to a newer version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-11T16:45:15.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-xw37-57qp-9mm4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.9.20"
}
],
"source": {
"advisory": "GHSA-xw37-57qp-9mm4",
"discovery": "UNKNOWN"
},
"title": "Consensus flaw during block processing",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-26265",
"STATE": "PUBLIC",
"TITLE": "Consensus flaw during block processing"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "go-ethereum",
"version": {
"version_data": [
{
"version_value": "\u003e= 1.9.4, \u003c 1.9.20"
}
]
}
}
]
},
"vendor_name": "ethereum"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Go Ethereum, or \"Geth\", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to accept the canonical chain. The fix was included in the Paragade release version 1.9.20. No individual workaround patches have been made -- all users are recommended to upgrade to a newer version."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-682 Incorrect Calculation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-xw37-57qp-9mm4",
"refsource": "CONFIRM",
"url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-xw37-57qp-9mm4"
},
{
"name": "https://github.com/ethereum/go-ethereum/releases/tag/v1.9.20",
"refsource": "MISC",
"url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.9.20"
}
]
},
"source": {
"advisory": "GHSA-xw37-57qp-9mm4",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-26265",
"datePublished": "2020-12-11T16:45:15.000Z",
"dateReserved": "2020-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:56:03.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Understand your programming language's underlying representation and how it interacts with numeric calculation. Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how your language handles numbers that are too large or too small for its underlying representation.
Mitigation MIT-8
Strategy: Input Validation
Perform input validation on any numeric input by ensuring that it is within the expected range. Enforce that the input meets both the minimum and maximum requirements for the expected range.
Mitigation
Use the appropriate type for the desired action. For example, in C/C++, only use unsigned types for values that could never be negative, such as height, width, or other numbers related to quantity.
Mitigation
Strategy: Language Selection
- Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
- Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Mitigation
Strategy: Libraries or Frameworks
- Use languages, libraries, or frameworks that make it easier to handle numbers without unexpected consequences.
- Examples include safe integer handling packages such as SafeInt (C++) or IntegerLib (C or C++).
Mitigation MIT-26
Strategy: Compilation or Build Hardening
Examine compiler warnings closely and eliminate problems with potential security implications, such as signed / unsigned mismatch in memory operations, or use of uninitialized variables. Even if the weakness is rarely exploitable, a single failure may lead to the compromise of the entire system.
CAPEC-128: Integer Attacks
An attacker takes advantage of the structure of integer variables to cause these variables to assume values that are not expected by an application. For example, adding one to the largest positive integer in a signed integer variable results in a negative number. Negative numbers may be illegal in an application and the application may prevent an attacker from providing them directly, but the application may not consider that adding two positive numbers can create a negative number do to the structure of integer storage formats.
CAPEC-129: Pointer Manipulation
This attack pattern involves an adversary manipulating a pointer within a target application resulting in the application accessing an unintended memory location. This can result in the crashing of the application or, for certain pointer values, access to data that would not normally be possible or the execution of arbitrary code. Since pointers are simply integer variables, Integer Attacks may often be used in Pointer Attacks.