CVE-2023-53222

In the Linux kernel, the following vulnerability has been resolved: jfs: jfsdmap: Validate dbl2nbperpage while mounting In jfsdmap.c at line 381, BLKTODMAP is used to get a logical block number inside dbFree. dbl2nbperpage, which is the log2 number of blocks per page, is passed as an argument to...

Input validation

Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of...

CVE-2021-41138

CVE-2021-41138 concerns Frontier, Substrate’s Ethereum compatibility layer. A signed Frontier-specific extrinsic for pallet-ethereum caused many validation checks to run only during transaction pool validation, not during block execution, allowing malicious validators to include invalid transacti...

CVE-2021-41138 Validity check for signed Frontier-specific extrinsic not called in block execution

Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of...