Filtered by vendor Solana
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23066 | 1 Solana | 1 Rbpf | 2023-02-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to transfer tokens or not. The vulnerability affects both integrity and may cause serious availability problems. | |||||
| CVE-2022-35917 | 1 Solana | 1 Pay | 2022-08-10 | N/A | 5.3 MEDIUM |
| Solana Pay is a protocol and set of reference implementations that enable developers to incorporate decentralized payments into their apps and services. When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient, using the supplied `validateTransfer` function. An edge case regarding this mechanism could cause the validation logic to validate multiple transfers. This issue has been patched as of version `0.2.1`. Users of the Solana Pay SDK should upgrade to it. There are no known workarounds for this issue. | |||||
| CVE-2022-31264 | 1 Solana | 1 Rbpf | 2022-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. | |||||
| CVE-2021-46102 | 1 Solana | 1 Rbpf | 2022-02-07 | 5.0 MEDIUM | 7.5 HIGH |
| From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym.st_value is rather large, an integer overflow is triggered while calculating the variable "addr" via "addr = (sym.st_value + refd_pa) as u64"; | |||||