Vulnerability of the amd_iommu_probe_finalize() function in the drivers/iommu/amd/iommu.c module – Linux kernel’s IOMMU support driver, which allows a hacker to cause a service failure

Vulnerability of the amdiommuprobefinalize function in the drivers/iommu/amd/iommu.c module – Linux’s IOMMU support driver relies on the assignment of the NULL pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the uapi_finalize() function in the drivers/infiniband/core/uverbs_uapi.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the uapifinalize function in the drivers/infiniband/core/uverbsuapi.c file of the Linux kernel is related to a pointer dereferencing error. Exploiting this vulnerability could allow an attacker to cause a service failure...

Not possible to finish LPDA after endTime

Lines of code Vulnerability details Vulnerability details The only way to finish the sale is when newId == temp.finalId, making not possible to finish LPDA even if the endTime is already over POC There isn't any function to finalize the LPDA sale even if already finished the sale, the only way to...

Draining baseToken from contract by calling finalize function multiple times

Lines of code Vulnerability details Impact Draining baseToken from SizeSealed contract by calling finalize function multiple times Proof of Concept The finalize function can be called multiple times by providing clearingQuote to typeuint128.max. Currently inside finalize function there is no chec...

Some cases maybe cause the bids unable to get their funds back.

Lines of code Vulnerability details Impact All of the following there cases maybe cause the bids unable to get their funds back. Details case1: If sellerwho is a bad man does not reveal in the reveal period, then all the bids will be unable to get their funds back. case2: If sellerwho is a bad ma...

[PNM-002] finalize with malicious input may lock bidder funds in the contract

Lines of code Vulnerability details Description The finalize function of the contract SizeSealed is used to finalize an auction, allowing the auctioner or seller to be paid quote tokens and also eventually allowing successful bidders to withdraw base tokens. Once the finalize function is called,...

Denial of service when baseAmount is equal to zero

Lines of code Vulnerability details Vulnerability details Description There is a finalize function in the SizeSealed smart contract. The function traverses the array of the bids sorted by price descending. On each iteration, it calculates the quotePerBase. When this variable is calculated, the...

Owner never calls finalize() = rug pull

Lines of code Vulnerability details Impact In order for users to claim their promised tokenOut tokens, the contract owner must call the finalize function. If the owner never calls the finalize function, no user can call the claim function to get their tokens. The owner can call the sweep function...

Sale should be able to be automatically finalized

Lines of code Vulnerability details Impact The admins are the only ones that are able to finalize the sale. Throughout the token buying process, the admins are transferred tokenIn tokens, and the users are expecting to be able to get the corresponding tokenOut tokens once the sale is finalized. T...

PostAuctionLauncher's liquidity provision can be exploited

Handle cmichel Vulnerability details The PostAuctionLauncher.finalize function takes the raised payment token amounts and uses previously provided auction token amounts to provide liquidity to a Sushiswap pool after an auction has successfully been finalized. It provides this liquidity at a...