CWE-788
Access of Memory Location After End of Buffer
BaseIncomplete
Description
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
This typically occurs when a pointer or its index is incremented to a position after the buffer; or when pointer arithmetic results in a position after the buffer.
Hierarchy (View 1000)
CVEs mapped to this weakness (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27828 | Hig | 0.51 | 7.8 | 0.00 | Jun 10, 2024 | The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges. | |
| CVE-2024-27829 | Hig | 0.51 | 7.8 | 0.00 | May 14, 2024 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5. Processing a file may lead to unexpected app termination or arbitrary code execution. | |
| CVE-2024-0074 | Hig | 0.46 | 7.1 | 0.00 | Mar 27, 2024 | NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. | |
| CVE-2023-20585 | Med | 0.36 | — | 0.00 | Apr 16, 2026 | Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity. |