3 matches found
CVE-2021-46102
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.stvalue is read directly from ELF file without checking. If the sym.stvalue is rather large, an integer overflow is triggered while calculating the variable "addr"...
CVE-2021-46102
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.stvalue is read directly from ELF file without checking. If the sym.stvalue is rather large, an integer overflow is triggered while calculating the variable "addr"...
CVE-2021-46102
Summary (CVE-2021-46102, Solana rBPF): Vulnerable releases are Solana rBPF 0.2.14–0.2.16. The issue resides in the relocate function of src/elf.rs, where sym.st_value is read directly from the ELF file without validation, enabling an integer overflow when computing the address (addr = (sym.st_val...