Lucene search

530 matches found

Debian CVE
added 2024/04/03 5:0 p.m. | 21 views

CVE-2024-26755

In the Linux kernel, the following vulnerability has been resolved: md: Don't suspend the array for interrupted reshape. md_start_sync() will suspend the array if there are spares that can be added or removed from conf, however, if reshape is still in progress, this won't happen at all or data will be...

CVSS 5.3, AI score 4.8, EPSS 0.00156
Exploits: 0

CISA
added 2024/03/25 12:0 p.m. | 16 views

CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent, well-publicized exploitation of SQL injection (SQLi) defects in a managed file transfer application...

CVSS 9.8, AI score 8.3, EPSS 0.94254
In wild, Exploits: 15, References: 4

RedhatCVE
added 2024/03/06 10:38 p.m. | 32 views

CVE-2023-52587

A hard lockup flaw was found in the Linux kernel’s IPoIB driver in how a user triggers the ipoib_mcast_join_task function, caused by invalid priv->multicast_list locking. This flaw allows a local user to crash the system. Mitigation: To mitigate this issue, prevent module ib_core from being loaded. Plea...

CVSS 5.5, AI score 7.2, EPSS 0.00007
Exploits: 1, References: 4

NVD
added 2024/03/06 7:15 a.m. | 17 views

CVE-2023-52587

In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking. Releasing the priv->lock while iterating the priv->multicast_list in ipoib_mcast_join_task() opens a window for ipoib_mcast_dev_flush() to remove the items while in the middle of iteration. If the mcast is...

CVSS 5.5, AI score 7.4, EPSS 0.00007
Exploits: 1, References: 10

Prion
added 2024/03/06 7:15 a.m. | 17 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking. Releasing the priv->lock while iterating the priv->multicast_list in ipoib_mcast_join_task() opens a window for ipoib_mcast_dev_flush() to remove the items while in the middle of iteration. If the mcast is...

AI score 7.2, EPSS 0.00007
Exploits: 1, References: 8

Vulnrichment
added 2024/03/06 6:45 a.m. | 28 views

CVE-2023-52587 IB/ipoib: Fix mcast list locking

In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking. Releasing the priv->lock while iterating the priv->multicast_list in ipoib_mcast_join_task() opens a window for ipoib_mcast_dev_flush() to remove the items while in the middle of iteration. If the mcast is...

AI score 6.8, EPSS 0.00007
Exploits: 1, References: 8

Code423n4
added 2024/01/08 12:0 a.m. | 16 views

changeRegistries() from the Tokenomics contract changes different registries at the same time.

Lines of code Vulnerability details Impact In a case where either one of the agent, component or service registry are deprecated, attempting to replace the compromised registry necessitates an overall replacement of all the other registries. This not only utilizes excess gas but can also bring...

AI score 7.2
Exploits: 0

Tenable Nessus
added 2023/12/27 12:0 a.m. | 31 views

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0069)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell...

CVSS 10, AI score 7.4, EPSS 0.41005
Exploits: 6, References: 3

Tenable Nessus
added 2023/12/27 12:0 a.m. | 42 views

NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2023-0074)

The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell...

CVSS 10, AI score 7.4, EPSS 0.41005
Exploits: 6, References: 5

Code423n4
added 2023/12/21 12:0 a.m. | 7 views

Loss of Funds for Users Due to Token Purchase after Maximum Supply

Lines of code Vulnerability details Summary When the token's total supply reaches its maximum, users lose funds when attempting to buy tokens, as the transaction completes without minting new tokens. Vulnerability Details To engage in the voting system, users must acquire tokens directly from the...

AI score 7
Exploits: 0

Code423n4
added 2023/12/21 12:0 a.m. | 7 views

The builderReferral, purchaseReferral and deployer can never be equal to address(0), which leads to the revolutionRewardRecipient stealing their rewards

Lines of code Vulnerability details HIGH The builderReferral, purchaseReferral and deployer can never be equal to address(0), which leads to the revolutionRewardRecipient stealing their rewards Description: revolutionRewardRecipient will receive the rewards of the builderReferral, purchaseReferral...

AI score 7.2
Exploits: 0

Code423n4
added 2023/12/08 12:0 a.m. | 12 views

convertedAmount set to zero because of bad math arithmetic

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The pool will be able to give an outputAmount corresponding to the rawInputAmount = 0 Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant...

AI score 7.2
Exploits: 0

Code423n4
added 2023/11/29 12:0 a.m. | 12 views

Return values of approve() not checked

Lines of code 321, 215, 184, 450, 761, 217, 157, 234, 339, 386 https://github.com/Tapioca-DAO/t...

AI score 7.1
Exploits: 0

Code423n4
added 2023/11/17 12:0 a.m. | 18 views

LinearBondingCurve.log2 function contains an incorrect shift operation that could lead to wrong calculation.

Lines of code Vulnerability details Impact The values in the shift operation are reversed. The provided inline assembly code for the log2 function appears to be an issue in the sequence of shift operations. Let's break down the relevant part of the code: r := or r, byte and0x1f, shrshrr, x,...

AI score 7.2
Exploits: 0

Code423n4
added 2023/11/17 12:0 a.m. | 6 views

The owner of the asD contract (i.e. the creator) can not withdraw the accrued interest

Lines of code Vulnerability details Impact The asD.withdrawCarry function will always throw an error for all normal totalSupply values due to inappropriate scale factor. So the creator can withdraw the accrued interest only after all users will burn their asD tokens. Proof of Concept The scale...

AI score 7
Exploits: 0

Code423n4
added 2023/11/17 12:0 a.m. | 4 views

shareData[_id].shareHolderRewardsPerTokenScaled is updated with wrong value in _splitFees()

Lines of code Vulnerability details Impact Due to wrong decimal adjustment shareHolderRewardsPerTokenScaled in shareData with corresponding ShareId is overvalued. Proof of Concept In struct ShareData it's clearly stated that uint256 shareHolderRewardsPerTokenScaled; // Accrued funds for the share...

AI score 6.9
Exploits: 0

Code423n4
added 2023/11/15 12:0 a.m. | 5 views

The staker could silently lose all their previously deposited assets when revert TokenTransferFailed() is called

Lines of code Vulnerability details Impact The staker could silently lose all their deposited assets in the NodeDelegator.sol function when they time to transfer their assets. This could happen when the staker owns assets in the Eigen but it is not enough to be transferred when the calculated...

AI score 7.5
Exploits: 0

Code423n4
added 2023/11/15 12:0 a.m. | 4 views

Missing pause check in transferAssetToNodeDelegator()

Lines of code Vulnerability details Summary The function transferAssetToNodeDelegator present in the LRTDepositPool contract ignores the contract's pause state. Impact The LRTDepositPool contract contains a functionality to pause the contract in case of an emergency. 208: function pause external...

AI score 7
Exploits: 0

Code423n4
added 2023/11/10 12:0 a.m. | 9 views

decreaseTotalVotingPower - If totalVotingPower becomes less than mintedVotingPower, the protocol crashes(even can lose assets)

Lines of code Vulnerability details Impact If totalVotingPower getSharedProposalStorage.governanceValues.totalVotingPower -= votingPower; 1. Tak...

AI score 6.8
Exploits: 0

Code423n4
added 2023/10/25 12:0 a.m. | 6 views

SafeID's ownership is not checked properly in BasicAction.generateDebt()

Lines of code Vulnerability details Impact the ownership of safe's id passed in BasicAction.generateDebt is never checked which can lead to unexpected results Proof of Concept BasicAction.generateDebt has the following code - function generateDebt address manager, address taxCollector, address...

AI score 7.3
Exploits: 0