4 matches found
CVE-2021-47044 sched/fair: Fix shift-out-of-bounds in load_balance()
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in loadbalance Syzbot reported a handful of occurrences where an sd-nrbalancefailed can grow to much higher values than one would expect. A successful loadbalance resets it to 0; a failed one...
CVE-2021-47044
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in loadbalance Syzbot reported a handful of occurrences where an sd-nrbalancefailed can grow to much higher values than one would expect. A successful loadbalance resets it to 0; a failed one...
anyone can call forceRemoveByActiveBalance()
Handle Tomio Vulnerability details Impact A user can call forceRemoveByActiveBalance and this function didn’t verify if the caller is equal to the protocol agent, that eventually clear the remaining balance. Proof of Concept --- The text was updated successfully, but these errors were encountered...
Owner can set arbitrary premium which allow nonStakers drain funds
Handle wuwe1 Vulnerability details Impact Owner can set arbitrary premium, this will cause protocol lose all the activeBalance, stakers lose all the claimable premium and nonStakers can drain all the usdc. Proof of Concept setProtocolPremium does not check the value of premium. premium can be...