3 matches found
CVE-2022-31264
Solana solanarbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program...
gemachain-bpf-loader-program (=1.8.0), hpl-reward-center (>=0.1.0 <=0.2.4) +58 more potentially affected by CVE-2022-31264 via solana_rbpf (>=0.1.10 <=0.2.24)
solanarbpf CARGO version =0.1.10, =0.1.0, =1.1.6, =0.2.1, =0.1.0, =0.1.0, =1.2.3, =0.1.1, =0.1.7 and more Source cves: CVE-2022-31264 Source advisory: OSV:GHSA-FFX3-8QVM-PQ3J...
CVE-2022-31264
CVE-2022-31264 affects Solana’s Solana RBPF prior to 0.2.29, where an addition integer overflow can occur due to invalid ELF program headers and the elf.rs component may panic on a malformed eBPF program. Public records from Red Hat, GHSA, OSV and PT Security corroborate a vulnerability in Solana...