VariantDraft
CWE-121Stack-based Buffer Overflow
Category: memory
Description
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Common consequences· 3
- Availability — Modify Memory, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)Buffer overflows generally lead to crashes. Other attacks leading to lack of availability are possible, including putting the program into an infinite loop.
- Integrity / Confidentiality / Availability / Access Control — Modify Memory, Execute Unauthorized Code or Commands, Bypass Protection MechanismBuffer overflows often can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy.
- Integrity / Confidentiality / Availability / Access Control / Other — Modify Memory, Execute Unauthorized Code or Commands, Bypass Protection Mechanism, OtherWhen the consequence is arbitrary code execution, this can often be used to subvert any other security service.
Potential mitigations· 5
- [Operation, Build and Compilation]
- [Architecture and Design]Use an abstraction library to abstract away risky APIs. Not a complete solution.
- [Implementation]Implement and perform bounds checking on input.
- [Implementation]Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.
- [Operation, Build and Compilation]
References
(incoming)150
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerabilitycve-2025-0282 | 0% | live |
| Vulnerability | CVE-2025-0349cve-2025-0349 | 0% | live |
| Vulnerability | CVE-2025-0438cve-2025-0438 | 0% | live |
| Vulnerability | CVE-2025-0566cve-2025-0566 | 0% | live |
| Vulnerability | CVE-2025-0848cve-2025-0848 | 0% | live |
| Vulnerability | CVE-2025-10392cve-2025-10392 | 0% | live |
| Vulnerability | CVE-2025-10432cve-2025-10432 | 0% | live |
| Vulnerability | CVE-2025-10773cve-2025-10773 | 0% | live |
| Vulnerability | CVE-2025-10779cve-2025-10779 | 0% | live |
| Vulnerability | CVE-2025-11122cve-2025-11122 | 0% | live |
| Vulnerability | CVE-2025-11123cve-2025-11123 | 0% | live |
| Vulnerability | CVE-2025-11324cve-2025-11324 | 0% | live |
| Vulnerability | CVE-2025-11325cve-2025-11325 | 0% | live |
| Vulnerability | CVE-2025-11326cve-2025-11326 | 0% | live |
| Vulnerability | CVE-2025-11327cve-2025-11327 | 0% | live |
| Vulnerability | CVE-2025-11328cve-2025-11328 | 0% | live |
| Vulnerability | CVE-2025-11386cve-2025-11386 | 0% | live |
| Vulnerability | CVE-2025-11387cve-2025-11387 | 0% | live |
| Vulnerability | CVE-2025-11388cve-2025-11388 | 0% | live |
| Vulnerability | CVE-2025-11389cve-2025-11389 | 0% | live |
| Vulnerability | CVE-2025-11418cve-2025-11418 | 0% | live |
| Vulnerability | CVE-2025-11524cve-2025-11524 | 0% | live |
| Vulnerability | CVE-2025-11525cve-2025-11525 | 0% | live |
| Vulnerability | CVE-2025-11526cve-2025-11526 | 0% | live |
| Vulnerability | CVE-2025-11527cve-2025-11527 | 0% | live |
| Vulnerability | CVE-2025-11528cve-2025-11528 | 0% | live |
| Vulnerability | CVE-2025-11541cve-2025-11541 | 0% | live |
| Vulnerability | CVE-2025-11542cve-2025-11542 | 0% | live |
| Vulnerability | CVE-2025-11549cve-2025-11549 | 0% | live |
| Vulnerability | CVE-2025-11586cve-2025-11586 | 0% | live |
Showing top 30 of 150 by confidence. Click any target to see the full neighbourhood.
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.