5 matches found
CVE-2022-36025
Besu (Java-based Ethereum client) contains a numeric conversion bug in gas calculation for CALL/DELEGATECALL, affecting versions after 22.1.3 and before 22.7.1. The error in 32-bit signed/unsigned arithmetic can pass incorrect gas to called contracts and return gas, potentially causing a differin...
CVE-2022-36025 Incorrect Conversion between Numeric Types in Besu Ethereum Client
Besu is a Java-based Ethereum client. In versions newer than 22.1.3 and prior to 22.7.1, Besu is subject to an Incorrect Conversion between Numeric Types. An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in...
GHSA-4456-W38R-M53X Besu VM vulnerable to gas allocation error in CALL operations
Impact An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in incorrect gas being passed into called contracts and incorrect gas being returned after call execution. Where the amount of gas makes a difference in th...
Besu VM vulnerable to gas allocation error in CALL operations
Impact An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in incorrect gas being passed into called contracts and incorrect gas being returned after call execution. Where the amount of gas makes a difference in th...
PT-2022-23124 · Besu · Besu
Name of the Vulnerable Software and Affected Versions: Besu versions 22.1.4 through 22.7.0 Description: The issue is related to an incorrect conversion between numeric types in the calculation of available gas in CALL operations, including DELEGATECALL. This results in incorrect gas being passed...