Lucene search
GoogleOSV:CVE-2021-29511HistoryMay 12, 2021 - 6:15 p.m.
CVE-2021-29511
2021-05-1218:15:08
Google
osv.dev
2
evm
rust
memory over-allocation
dos attack
patch
commit
upgrade
version 0.21.1
0.23.1
0.24.1
0.25.1
0.26.1
evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evm_core::Memory::copy_large, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit 19ade85. Users should upgrade to ==0.21.1, ==0.23.1, ==0.24.1, ==0.25.1, >=0.26.1. There are no workarounds. Please upgrade your evm crate version.
Related
cvelist
cvelist
CVE-2021-29511 Memory over-allocation in evm crate
2021-05-12 17:15:11
nvd
nvd
CVE-2021-29511
2021-05-12 18:15:08
osv
osv
Memory over-allocation in evm crate
2024-01-30 23:55:38
github
github
Memory over-allocation in evm crate
2024-01-30 23:55:38
prion
prion
Design/Logic Flaw
2021-05-12 18:15:00
cve
cve
CVE-2021-29511
2021-05-12 18:15:08