5 matches found
CVE-2025-21806
In the Linux kernel, the following vulnerability has been resolved: net: let net.core.devweight always be non-zero The following problem was encountered during stability test: NULL netdevice: NAPI poll function processbacklog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------ cut her...
InterchainProposalExecutor doesn't support actions with value
Lines of code Vulnerability details Impact An interchain call consists of the target address, calldata, and value. When InterchainProposalExecutor performs the call, it passes the value along function executeProposalInterchainCalls.Call memory calls internal for uint256 i = 0; i calls.length; i++...
Deposit and mint function will be rendered useless for users who are depositing using eth since balances will never be finalised
Lines of code Vulnerability details The penultimate function in NotionalV2.batchBalanceAndTradeAction calculates the withdrawals and finalises the balance as mentioned : but the following calculation will revert on an underflow since balanceState.netAssetTransferInternalPrecision is set to 0 in...
Upgraded Q -> M from 87 [1654442977298]
Judge has assessed an item in Issue 87 as Medium risk. The relevant finding follows: Issue 3 Low - Some tokens do not allow for Non-Zero to Non-Zero value approvals USDT, for example, will not allow approving a non-zero amount and then approving another non-zero amount. The approval must be reset...
kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c
A use-after-free flaw was found in the Linux kernel’s ext4 file system functionality when the user mount ext4 partition, with the usage of an additional debug parameter is defining an extra inode size. If this parameter has a non zero value, this flaw allows a local user to crash the system when...