Integer underflow is a math error that happens when a calculation goes below the lowest value a number type can represent. In fixed-size integers, the result may wrap around to a very large positive number instead of becoming negative. That unexpected wrap can break security checks, size calculations, and memory bounds logic.
In cyber security, underflows are dangerous in parsers and drivers that process untrusted input, such as network packets. A length field or offset that underflows can make code believe there is more data available than there really is, or it can cause an index to point outside a valid buffer. Attackers look for these bugs to trigger crashes, bypass filters, or sometimes set up memory corruption. Defenders prevent them with strict range checks, safe arithmetic helpers, and careful handling of protocol edge cases, especially in kernel-mode code where a single mistake can affect the whole system.
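The length-field case described above, as an added example that is not part of the original page: an unchecked unsigned subtraction beside a range-checked version. The 4-byte header layout, function names and sample packets are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed format: 2-byte type, 2-byte big-endian total length, then payload. */
#define HDR_LEN 4u

/* Unchecked form: when total_len < HDR_LEN the unsigned subtraction wraps,
 * so the parser believes a huge payload is present. */
size_t payload_len_unchecked(uint16_t total_len)
{
    return (size_t)total_len - HDR_LEN;
}

/* Checked form: returns 0 and stores the payload length, or -1 if malformed. */
int payload_len_checked(const uint8_t *pkt, size_t pkt_len, size_t *out_len)
{
    if (pkt == NULL || out_len == NULL || pkt_len < HDR_LEN)
        return -1;                      /* not even a full header received */

    size_t total_len = ((size_t)pkt[2] << 8) | pkt[3];

    if (total_len < HDR_LEN)            /* subtraction below would underflow */
        return -1;
    if (total_len > pkt_len)            /* claims more data than was received */
        return -1;

    *out_len = total_len - HDR_LEN;     /* safe: total_len >= HDR_LEN */
    return 0;
}

/* Constructed sample packets (not captured traffic). */
static const uint8_t PKT_OK[]    = { 0x00, 0x01, 0x00, 0x06, 'h', 'i' };
static const uint8_t PKT_SHORT[] = { 0x00, 0x01, 0x00, 0x02 };      /* length 2 < header */
static const uint8_t PKT_LIES[]  = { 0x00, 0x01, 0x00, 0x40, 'x' }; /* claims 64, has 5 */

int main(void)
{
    size_t n = 0;
    printf("unchecked(2) = %zu\n", payload_len_unchecked(2));
    printf("ok:    rc=%d\n", payload_len_checked(PKT_OK, sizeof PKT_OK, &n));
    printf("       payload length = %zu\n", n);
    printf("short: rc=%d\n", payload_len_checked(PKT_SHORT, sizeof PKT_SHORT, &n));
    printf("lies:  rc=%d\n", payload_len_checked(PKT_LIES, sizeof PKT_LIES, &n));
    return 0;
}
```

The two range checks run before the subtraction, so the result can never wrap and never exceeds the bytes actually received.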



