Buffer Overflow Vulnerabilities

Cluster focuses on debates about buffer overflows, integer overflows, use-after-free bugs, and other memory safety issues, including their exploitability, classification, and relation to unsafe languages like C.

➡️ Stable 0.6x Security

3,814

Comments

Years Active

Top Authors

#6786

Topic ID

Activity Over Time

2007

2008

2009

2010

2011

2012

2013

150

2014

242

2015

228

2016

243

2017

269

2018

210

2019

281

2020

233

2021

333

2022

340

2023

330

2024

276

2025

374

2026

Top Contributors

pjmlp (102) tptacek (100) saagarjha (61) WalterBright (30) userbinator (28)

Keywords

e.g CRTL CPU SWE STL CFI I.e RCE crash.c OS overflow buffer bounds memory bug exploit fault checking exploitable crash

Sample Comments

pojhvc • Jul 19, 2021 • View on HN

It's more often use-after-free or heap buffer overrun bugs, these days.

Denvercoder9 • May 6, 2021 • View on HN

If we're nitpicking, doesn't this technically not still allow a buffer overflow, just negate the consequences of it?

marcosdumay • Jan 7, 2022 • View on HN

A buffer overflow isn't a memory safety issue?

tptacek • Jun 23, 2022 • View on HN

Has an exploitable buffer bleed (I'm happy with this coinage!) happened in any recent memory safe codebase?

formerly_proven • Nov 1, 2022 • View on HN

Bog standard buffer overflow caused by incorrect bounds checking. Yes.

ramesh31 • Sep 26, 2023 • View on HN

How can buffer overflows still be happening in this day and age?

titzer • May 21, 2020 • View on HN

Integer overflow bug causing manual memory allocation bug leading to RCE. All too common. We need to stop relying on software written in unsafe languages.

polemic • Apr 1, 2016 • View on HN

If this had a buffer overflow vulnerability it'd be perfect ;0

pjmlp • Feb 12, 2017 • View on HN

No, but memory corruption related to pointers misuse or unsigned arithmetic is.

khaledh • Dec 17, 2021 • View on HN

Technically it's not a buffer overflow; it's an integer overflow bug.