Improper Synchronization
Overview: Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...
Astra Linux - vulnerability in qemu
A bug in QEMU could cause a guest I/O operation that is normally directed to an arbitrary disk offset to be directed instead to offset 0. This could potentially overwrite the VM’s boot code. For example, this could be exploited by L2 guests who have a virtual disk vdiskL2 stored on the virtual di...
PT-2026-33634
Name of the Vulnerable Software and Affected Versions: UltraDAG version 0.1. Description: A non-council attacker can submit a signed 'SmartOp::Vote' transaction that successfully passes signature, nonce, and balance prechecks. However, the authorization check fails only after state mutation has...
Republic and Incentiv Partner to Simplify and Reward Web3 Participation
Republic today announced a strategic partnership with Incentiv, an EVM-compatible Layer 1 blockchain designed to make Web3 simple,…...
Hydra security vulnerability
Hydra is a Nix open source continuous integration service based on the Nix project. A security vulnerability exists in versions prior to Hydra 0.22.0 that stems from a failed transaction on Cardano L1 that was not considered and could lead to a reorganization attack...
Looking for Attention: Randomized Attention Test Design for Validator Monitoring in Optimistic Rollups
Optimistic Rollups (ORUs) significantly enhance blockchain scalability but inherently suffer from the verifier's dilemma, particularly concerning validator attentiveness. Current systems lack mechanisms to proactively ensure validators are diligently monitoring L2 state transitions, creating a...
A Framework for Combined Transaction Posting and Pricing for Layer 2 Blockchains
This paper presents a comprehensive framework for transaction posting and pricing in Layer 2 (L2) blockchain systems, focusing on challenges stemming from fluctuating Layer 1 (L1) gas fees and the congestion issues within L2 networks. Existing methods have focused on the problem of optimal posting...
Sei Giga
We introduce the Sei Giga, a multi-concurrent producer parallelized execution EVM layer one blockchain. In an internal testnet Giga has achieved 5 gigagas/sec throughput and sub 400ms finality. Giga uses Autobahn for consensus with separate DA and consensus layers requiring f+1 votes for a PoA on...
UBUNTU-CVE-2023-5088
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
Same function
Lines of code Vulnerability details Both functions do the same thing, while logically one of the functions should be for layer one and the other function should be in layer two to perform the same operation.
Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to...
UBUNTU-CVE-2020-2732
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest...